Package com.oracle.bmc.waas.model

Class ProtectionSettings

  • @Generated(value="OracleSDKGenerator",
           comments="API Version: 20181116")
public final class ProtectionSettings
extends com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel
    The settings used for protection rules.
    Note: Objects should always be created or deserialized using the ProtectionSettings.Builder. This model distinguishes fields that are null because they are unset from fields that are explicitly set to null. This is done in the setter methods of the ProtectionSettings.Builder, which maintain a set of all explicitly set fields called ProtectionSettings.Builder.__explicitlySet__. The hashCode() and equals(Object) methods are implemented to take the explicitly set fields into account. The constructor, on the other hand, does not take the explicitly set fields into account (since the constructor cannot distinguish explicit null from unset null).

    • Method Detail

      • getBlockAction

        public ProtectionSettings.BlockAction getBlockAction()
        If action is set to BLOCK, this specifies how the traffic is blocked when detected as malicious by a protection rule.

        If unspecified, defaults to SET_RESPONSE_CODE.

        Returns:
        the value

      • getBlockResponseCode

        public Integer getBlockResponseCode()
        The response code returned when action is set to BLOCK, blockAction is set to SET_RESPONSE_CODE, and the traffic is detected as malicious by a protection rule.

        If unspecified, defaults to 403. The list of available response codes: 400, 401, 403, 405, 409, 411, 412, 413, 414, 415, 416, 500, 501, 502, 503, 504, 507.

        Returns:
        the value

      • getBlockErrorPageMessage

        public String getBlockErrorPageMessage()
        The message to show on the error page when action is set to BLOCK, blockAction is set to SHOW_ERROR_PAGE, and the traffic is detected as malicious by a protection rule.

        If unspecified, defaults to ‘Access to the website is blocked.’

        Returns:
        the value

      • getBlockErrorPageCode

        public String getBlockErrorPageCode()
        The error code to show on the error page when action is set to BLOCK, blockAction is set to SHOW_ERROR_PAGE, and the traffic is detected as malicious by a protection rule.

        If unspecified, defaults to 403.

        Returns:
        the value

      • getBlockErrorPageDescription

        public String getBlockErrorPageDescription()
        The description text to show on the error page when action is set to BLOCK, blockAction is set to SHOW_ERROR_PAGE, and the traffic is detected as malicious by a protection rule.

        If unspecified, defaults to Access blocked by website owner. Please contact support.

        Returns:
        the value

      • getMaxArgumentCount

        public Integer getMaxArgumentCount()
        The maximum number of arguments allowed to be passed to your application before an action is taken.

        Arguements are query parameters or body parameters in a PUT or POST request. If unspecified, defaults to 255. This setting only applies if a corresponding protection rule is enabled, such as the “Number of Arguments Limits” rule (key: 960335).

        Example: If maxArgumentCount to 2 for the Max Number of Arguments protection rule (key: 960335), the following requests would be blocked: GET /myapp/path?query=one&query=two&query=three POST /myapp/path with Body {"argument1":"one","argument2":"two","argument3":"three"}

        Returns:
        the value

      • getMaxNameLengthPerArgument

        public Integer getMaxNameLengthPerArgument()
        The maximum length allowed for each argument name, in characters.

        Arguements are query parameters or body parameters in a PUT or POST request. If unspecified, defaults to 400. This setting only applies if a corresponding protection rule is enabled, such as the “Values Limits” rule (key: 960208).

        Returns:
        the value

      • getMaxTotalNameLengthOfArguments

        public Integer getMaxTotalNameLengthOfArguments()
        The maximum length allowed for the sum of the argument name and value, in characters.

        Arguements are query parameters or body parameters in a PUT or POST request. If unspecified, defaults to 64000. This setting only applies if a corresponding protection rule is enabled, such as the “Total Arguments Limits” rule (key: 960341).

        Returns:
        the value

      • getRecommendationsPeriodInDays

        public Integer getRecommendationsPeriodInDays()
        The length of time to analyze traffic traffic, in days.

        After the analysis period, WafRecommendations will be populated. If unspecified, defaults to 10.

        Use GET /waasPolicies/{waasPolicyId}/wafRecommendations to view WAF recommendations.

        Returns:
        the value

      • getIsResponseInspected

        public Boolean getIsResponseInspected()
        Inspects the response body of origin responses.

        Can be used to detect leakage of sensitive data. If unspecified, defaults to false.

        *Note:** Only origin responses with a Content-Type matching a value in mediaTypes will be inspected.

        Returns:
        the value

      • getMaxResponseSizeInKiB

        public Integer getMaxResponseSizeInKiB()
        The maximum response size to be fully inspected, in binary kilobytes (KiB).

        Anything over this limit will be partially inspected. If unspecified, defaults to 1024.

        Returns:
        the value

      • getAllowedHttpMethods

        public List<ProtectionSettings.AllowedHttpMethods> getAllowedHttpMethods()
        The list of allowed HTTP methods.

        If unspecified, default to [OPTIONS, GET, HEAD, POST]. This setting only applies if a corresponding protection rule is enabled, such as the “Restrict HTTP Request Methods” rule (key: 911100).

        Returns:
        the value

      • getMediaTypes

        public List<String> getMediaTypes()
        The list of media types to allow for inspection, if isResponseInspected is enabled.

        Only responses with MIME types in this list will be inspected. If unspecified, defaults to [“text/html”, “text/plain”, “text/xml”].

        Supported MIME types include:

        - text/html - text/plain - text/asp - text/css - text/x-script - application/json - text/webviewhtml - text/x-java-source - application/x-javascript - application/javascript - application/ecmascript - text/javascript - text/ecmascript - text/x-script.perl - text/x-script.phyton - application/plain - application/xml - text/xml

        Returns:
        the value

      • toString

        public String toString()
        Overrides:
        toString in class com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel

      • toString

        public String toString​(boolean includeByteArrayContents)
        Return a string representation of the object.
        Parameters:
        includeByteArrayContents - true to include the full contents of byte arrays
        Returns:
        string representation

      • equals

        public boolean equals​(Object o)
        Overrides:
        equals in class com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel