Managing the surge protector of all ws on the site (bannedaddrs)

Overview

Provides access to the Edge Network Filter operational data of all instances of the ws role.

An IP address is blocked automatically when HTTP, HTTPS, WS, or WSS requests with incorrect authorization data are repeatedly received from it within a limited time interval. Automatic blocking is applied on a specific instance of the ws role. Addresses added to the list via the API are placed on the banned address lists of all available instances of the ws role.

Displays all automatically blocked IP addresses and the blocking time. It also allows you to remove blocked IP addresses, either one by one or all at once.

Addresses with more than 5 unauthorized requests with different credentials in the last 3 minutes are blocked. If the activity stops, the block is released after 3-5 minutes.

Data is provided from all WS microservices instances at the current site.

Requests

| HTTP verb | Endpoint | Description |
|---|---|---|
| GET | /rest/v1/master/logicalroles/ws/bannedaddrs/site | Obtaining a list of blocked IP addresses from the web servers of the current site |
| DELETE | /rest/v1/master/logicalroles/ws/bannedaddrs/site | Clearing lists of blocked addresses on web servers of the current site |
| DELETE | /rest/v1/master/logicalroles/ws/bannedaddrs/site/<ipaddr> | Removing an address from the list of blocked addresses on the web servers of the current site |

General scoping parameters of requests

The following parameters are passed in the URL query string (?param=value) to restrict the scope of the request, that is, the set of role instances to which the request applies. All are optional and may be absent. It makes sense to specify no more than one of them, or none.

Table 1. Possible parameters

| Name | Type | Description |
|---|---|---|
| site | str | The site name from the configuration. For example, SITE8. |
| sites | array<str> | A comma-separated list of site names. For example, SITE1,SITE3. |
| server | str | Server alias. Can be the IP address, number or full name of the server from the configuration. For example, 192.168.0.12 or 372. |
| servers | array<str> | A comma-separated list of server aliases. For example, 192.168.0.12,372,server05. |


Obtaining a list of blocked IP addresses from the web servers of the current site

Returns a list of objects representing all instances of the ws role included in the request scope specified by the scope parameters in the URL.

Each object contains the status of a role instance and, if that instance is active and available, the list of IP addresses blocked on it.

Request

Table 2. Request parameters

| Name | Type | Description |
|---|---|---|
| filter | object | Filter by field values. |
| mask | str | List of fields to output. Available fields for output: banned, addr, node, online, site, srvidx. |
| offset | int | Offset in the list of resources to be returned. |
| limit | int | The maximum number of resources in the list. |
| order | array<object\|str> | The sort order of the resources in the list. |
| flat | bool | Conversion of composite fields to flat form. |

The URL may contain additional scope parameters.

Request example
GET /rest/v1/master/logicalroles/ws/bannedaddrs/site?site=SITE1&mask=banned,node,online&offset=2&limit=2 HTTP/1.1

Response

Contains a list of objects, each representing a specific instance of the ws role included in the request scope.

Table 3. Object fields

| Name | Description |
|---|---|
| site | The name of the site where the current ws role instance is located. |
| node | The name of the node on which the current ws role instance is executed. |
| srvidx | The number, from the configuration, of the server on which the node with the current ws role instance is running. |
| addr | The address, from the configuration, of the server on which the node with the current ws role instance is running. |
| online | An indication of the activity/availability of the role instance from the web server serving the request: true – role instance is available and active; false – role instance is unavailable. |
| banned | List of blocked IP addresses. Each address in the list is represented by an object with fields: ip – IPv4 address; expires – the remaining time of the blocking interval in seconds. |

Response example
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8

[
  {
    "node": "ws1@192.168.0.100",
    "ips": [
      {
        "ip": "192.168.0.100",
        "is_banned": true,
        "failed_at": [
          "2023-12-08T14:12:36Z",
          "2023-12-08T14:12:33Z",
          "2023-12-08T14:12:30Z",
          "2023-12-08T14:12:26Z",
          "2023-12-08T14:11:57Z"
        ]
      },
      {
        "ip": "192.168.0.102",
        "is_banned": true,
        "failed_at": [
          "2023-12-08T14:13:24Z",
          "2023-12-08T14:12:56Z",
          "2023-12-08T14:12:42Z",
          "2023-12-08T14:12:13Z",
          "2023-12-08T14:12:05Z"
        ]
      }
    ]
  },
  {
    "node": "ws1@192.168.0.101",
    "ips": [
      {
        "ip": "192.168.0.100",
        "is_banned": true,
        "failed_at": [
          "2023-12-08T14:12:37Z",
          "2023-12-08T14:12:34Z",
          "2023-12-08T14:12:31Z",
          "2023-12-08T14:12:27Z",
          "2023-12-08T14:11:58Z"
        ]
      }
    ]
  }
]
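
Because automatic blocking happens per ws instance, the same address can be banned on some instances and not on others. The following added example (not part of the original documentation) merges the per-instance lists into one record per IP address and reports where each address is not banned. It assumes the field names shown in the response example (ips, is_banned, failed_at) plus the online flag from Table 3; the function names are hypothetical.

```python
import json
from datetime import datetime

# Constructed sample: the response example above, with failed_at shortened.
SAMPLE = """[
 {"node": "ws1@192.168.0.100", "ips": [
   {"ip": "192.168.0.100", "is_banned": true,
    "failed_at": ["2023-12-08T14:12:36Z", "2023-12-08T14:11:57Z"]},
   {"ip": "192.168.0.102", "is_banned": true,
    "failed_at": ["2023-12-08T14:13:24Z", "2023-12-08T14:12:05Z"]}]},
 {"node": "ws1@192.168.0.101", "ips": [
   {"ip": "192.168.0.100", "is_banned": true,
    "failed_at": ["2023-12-08T14:12:37Z", "2023-12-08T14:11:58Z"]}]}
]"""

def parse_ts(value):
    # The example timestamps are UTC with a trailing "Z".
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")

def consolidate(instances):
    """Merge per-instance ban lists into one record per IP address."""
    # An instance reported as offline returns no list, so its state is unknown.
    reachable = [i for i in instances if i.get("online", True)]
    nodes = [i["node"] for i in reachable]
    merged = {}
    for inst in reachable:
        for entry in inst.get("ips", []):
            if not entry.get("is_banned"):
                continue
            rec = merged.setdefault(entry["ip"], {"nodes": [], "last_failure": None})
            rec["nodes"].append(inst["node"])
            stamps = [parse_ts(t) for t in entry.get("failed_at", [])]
            if stamps and (rec["last_failure"] is None or max(stamps) > rec["last_failure"]):
                rec["last_failure"] = max(stamps)
    for rec in merged.values():
        # Automatic bans are per instance, so an address may be banned on only some.
        rec["missing_on"] = [n for n in nodes if n not in rec["nodes"]]
    return merged

def report(text):
    return consolidate(json.loads(text))

if __name__ == "__main__":
    for ip, rec in sorted(report(SAMPLE).items()):
        print(ip, "banned on", rec["nodes"], "last failure", rec["last_failure"],
              "not banned on", rec["missing_on"])
```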

Clearing lists of blocked addresses on web servers of the current site

Clears the lists of blocked IP addresses of the ws role.

The request is executed in parallel on all instances of the ws role included in the scope specified by the scope parameters in the URL.

Request

The URL may contain additional scope parameters.

Request example
DELETE /rest/v1/master/logicalroles/ws/bannedaddrs/site HTTP/1.1

Response

Response example
HTTP/1.1 204 No Content

Removing an address from the list of blocked addresses on the web servers of the current site

Removes the blocked IP address from the lists of blocked IP addresses of the ws role.

The request is executed in parallel on all instances of the ws role included in the scope specified by the scope parameters in the URL.

Request

The URL may contain additional scope parameters.

Request example
DELETE /rest/v1/master/logicalroles/ws/bannedaddrs/site/212.54.68.68 HTTP/1.1

Response

Response example
HTTP/1.1 204 No Content
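
When the removal request is built by a script, the address ends up in the URL path and the scope in the query string, so both are worth validating before anything is sent. The following added example (not part of the original documentation) builds the request line for the single-address DELETE, accepting only a well-formed IPv4 address and at most one scope parameter; the function names are hypothetical, and authentication and sending are left out because the page does not describe them.

```python
import ipaddress
from urllib.parse import urlencode

# Endpoint and parameter names are taken from this page.
BASE = "/rest/v1/master/logicalroles/ws/bannedaddrs/site"
SCOPE_KEYS = ("site", "sites", "server", "servers")

def scope_query(**scope):
    """Encode at most one scope parameter, as the page recommends."""
    given = {k: v for k, v in scope.items() if v is not None}
    unknown = set(given) - set(SCOPE_KEYS)
    if unknown:
        raise ValueError(f"unknown scope parameter: {sorted(unknown)}")
    if len(given) > 1:
        raise ValueError("specify no more than one scope parameter")
    for key, value in given.items():
        if key in ("sites", "servers"):
            # array<str> values are sent as a comma-separated list
            value = ",".join(str(v) for v in value)
        return "?" + urlencode({key: value}, safe=",")
    return ""

def unban_request(ip, **scope):
    """Return (method, path) for removing one address from the ban lists."""
    # ip_address() raises ValueError for anything that is not a bare address,
    # so slashes, dots-only segments or query characters never reach the path.
    addr = ipaddress.ip_address(ip.strip())
    if addr.version != 4:
        raise ValueError("ban list entries are IPv4 addresses")
    return "DELETE", f"{BASE}/{addr}{scope_query(**scope)}"

if __name__ == "__main__":
    print(*unban_request("212.54.68.68"))
    print(*unban_request("212.54.68.68", servers=["192.168.0.12", 372, "server05"]))
```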