Pricing Templates
Log in Sign up
Integrations / Vercel / ...

PUT /v1/security/firewall/config

Set the firewall configuration to provided rules and settings. Creates or overwrite the existing firewall configuration.

Servers

Request headers

Name Type Required Description
Content-Type String Yes The media type of the request body.

Default value: "application/json"

Query parameters

Name Type Required Description
projectId String Yes
teamId String No

The Team identifier to perform the request on behalf of.
slug String No

The Team slug to perform the request on behalf of.

Request body fields

Name Type Required Description
ips[] Array No
ips[].id String No
ips[].notes String No
ips[].action String Yes

Valid values:

  • "deny"
  • "log"
  • "challenge"
  • "bypass"
ips[].hostname String Yes
ips[].ip String Yes
rules[] Array No
rules[].id String No
rules[].name String Yes
rules[].description String No
rules[].active Boolean Yes
rules[].action Object Yes
rules[].action.mitigate Object No
rules[].action.mitigate.actionDuration String No
rules[].action.mitigate.bypassSystem Boolean No
rules[].action.mitigate.action String Yes

Valid values:

  • "log"
  • "deny"
  • "challenge"
  • "bypass"
  • "rate_limit"
  • "redirect"
rules[].action.mitigate.rateLimit No
rules[].action.mitigate.redirect No
rules[].validationErrors No
rules[].conditionGroup[] Array Yes
rules[].conditionGroup[].conditions[] Array Yes
rules[].conditionGroup[].conditions[].neg Boolean No
rules[].conditionGroup[].conditions[].key String No
rules[].conditionGroup[].conditions[].op String Yes

Valid values:

  • "gt"
  • "gte"
  • "eq"
  • "lt"
  • "nex"
  • "sub"
  • "pre"
  • "ninc"
  • "suf"
  • "inc"
  • "lte"
  • "neq"
  • "re"
  • "ex"
rules[].conditionGroup[].conditions[].type String Yes

Parameter from the incoming traffic.

Valid values:

  • "bot_category"
  • "ja4_digest"
  • "server_action"
  • "scheme"
  • "header"
  • "bot_name"
  • "ja3_digest"
  • "protocol"
  • "raw_path"
  • "method"
  • "ip_address"
  • "geo_as_number"
  • "path"
  • "region"
  • "host"
  • "geo_country_region"
  • "rate_limit_api_id"
  • "geo_city"
  • "route"
  • "cookie"
  • "geo_continent"
  • "geo_country"
  • "target_path"
  • "environment"
  • "query"
  • "user_agent"
rules[].conditionGroup[].conditions[].value No
rules[].valid Boolean No
botIdEnabled Boolean No
managedRules Object No
crs Object No

Custom Ruleset
crs.gen Object No

Generic Attack - Provide broad protection from various undefined or novel attack vectors.
crs.gen.active Boolean Yes
crs.gen.action String Yes

Valid values:

  • "deny"
  • "log"
crs.lfi Object No

Local File Inclusion Attack - Prevent unauthorized access to local files through web applications.
crs.lfi.active Boolean Yes
crs.lfi.action String Yes

Valid values:

  • "deny"
  • "log"
crs.sqli Object No

SQL Injection Attack - Prohibit unauthorized use of SQL commands to manipulate databases.
crs.sqli.active Boolean Yes
crs.sqli.action String Yes

Valid values:

  • "deny"
  • "log"
crs.sd Object No

Scanner Detection - Detect and prevent reconnaissance activities from network scanning tools.
crs.sd.active Boolean Yes
crs.sd.action String Yes

Valid values:

  • "deny"
  • "log"
crs.java Object No

Java Attack - Mitigate risks of exploitation targeting Java-based applications or components.
crs.java.active Boolean Yes
crs.java.action String Yes

Valid values:

  • "deny"
  • "log"
crs.rce Object No

Remote Execution Attack - Prevent unauthorized execution of remote scripts or commands.
crs.rce.active Boolean Yes
crs.rce.action String Yes

Valid values:

  • "deny"
  • "log"
crs.sf Object No

Session Fixation Attack - Prevent unauthorized takeover of user sessions by enforcing unique session IDs.
crs.sf.active Boolean Yes
crs.sf.action String Yes

Valid values:

  • "deny"
  • "log"
crs.ma Object No

Multipart Attack - Block attempts to bypass security controls using multipart/form-data encoding.
crs.ma.active Boolean Yes
crs.ma.action String Yes

Valid values:

  • "deny"
  • "log"
crs.rfi Object No

Remote File Inclusion Attack - Prohibit unauthorized upload or execution of remote files.
crs.rfi.active Boolean Yes
crs.rfi.action String Yes

Valid values:

  • "deny"
  • "log"
crs.php Object No

PHP Attack - Safeguard against vulnerability exploits in PHP-based applications.
crs.php.active Boolean Yes
crs.php.action String Yes

Valid values:

  • "deny"
  • "log"
crs.xss Object No

XSS Attack - Prevent injection of malicious scripts into trusted webpages.
crs.xss.active Boolean Yes
crs.xss.action String Yes

Valid values:

  • "deny"
  • "log"
firewallEnabled Boolean Yes

How to start integrating

  1. Add HTTP Task to your workflow definition.
  2. Search for the API you want to integrate with and click on the name.
    • This loads the API reference documentation and prepares the Http request settings.
  3. Click Test request to test run your request to the API and see the API's response.
All third party trademarks (including logos and icons) are the property of their respective owners, which do not sponsor, authorize, or endorse this website.
Pricing Templates Integrations Blog Contact Us Help
© 2026 SimWorkflow
Terms of Service Privacy Policy