Skip to main content
GET
/
v1
/
security
/
firewall
/
config
/
{configVersion}
getFirewallConfig
import { Vercel } from "@vercel/sdk";

const vercel = new Vercel({
  bearerToken: "<YOUR_BEARER_TOKEN_HERE>",
});

async function run() {
  const result = await vercel.security.getFirewallConfig({
    projectId: "<id>",
    teamId: "team_1a2b3c4d5e6f7g8h9i0j1k2l",
    slug: "my-team-url-slug",
    configVersion: "<value>",
  });

  console.log(result);
}

run();
{
  "ownerId": "<string>",
  "projectKey": "<string>",
  "id": "<string>",
  "version": 123,
  "updatedAt": "<string>",
  "firewallEnabled": true,
  "crs": {
    "sd": {
      "active": true,
      "action": "deny"
    },
    "ma": {
      "active": true,
      "action": "deny"
    },
    "lfi": {
      "active": true,
      "action": "deny"
    },
    "rfi": {
      "active": true,
      "action": "deny"
    },
    "rce": {
      "active": true,
      "action": "deny"
    },
    "php": {
      "active": true,
      "action": "deny"
    },
    "gen": {
      "active": true,
      "action": "deny"
    },
    "xss": {
      "active": true,
      "action": "deny"
    },
    "sqli": {
      "active": true,
      "action": "deny"
    },
    "sf": {
      "active": true,
      "action": "deny"
    },
    "java": {
      "active": true,
      "action": "deny"
    }
  },
  "rules": [
    {
      "id": "<string>",
      "name": "<string>",
      "active": true,
      "conditionGroup": [
        {
          "conditions": [
            {
              "type": "host",
              "op": "re",
              "neg": true,
              "key": "<string>",
              "value": "<string>"
            }
          ]
        }
      ],
      "action": {
        "mitigate": {
          "action": "deny",
          "rateLimit": {
            "algo": "fixed_window",
            "window": 123,
            "limit": 123,
            "keys": [
              "<string>"
            ],
            "action": "deny"
          },
          "redirect": {
            "location": "<string>",
            "permanent": true
          },
          "actionDuration": "<string>",
          "bypassSystem": true
        }
      },
      "description": "<string>"
    }
  ],
  "ips": [
    {
      "id": "<string>",
      "hostname": "<string>",
      "ip": "<string>",
      "action": "deny",
      "notes": "<string>"
    }
  ],
  "changes": [
    {}
  ],
  "managedRules": {
    "bot_protection": {
      "active": true,
      "action": "deny",
      "updatedAt": "<string>",
      "userId": "<string>",
      "username": "<string>"
    },
    "ai_bots": {
      "active": true,
      "action": "deny",
      "updatedAt": "<string>",
      "userId": "<string>",
      "username": "<string>"
    },
    "owasp": {
      "active": true,
      "action": "deny",
      "updatedAt": "<string>",
      "userId": "<string>",
      "username": "<string>"
    }
  },
  "botIdEnabled": true
}

Authorizations

Authorization
string
header
required

Default authentication mechanism

Path Parameters

configVersion
string
required

The deployed configVersion for the firewall configuration

Query Parameters

projectId
string
required
teamId
string

The Team identifier to perform the request on behalf of.

Example:

"team_1a2b3c4d5e6f7g8h9i0j1k2l"

slug
string

The Team slug to perform the request on behalf of.

Example:

"my-team-url-slug"

Response

If the firewall configuration includes a custom managed ruleset, it will include a crs item that has the following values: sd: Scanner Detection ma: Multipart Attack lfi: Local File Inclusion Attack rfi: Remote File Inclusion Attack rce: Remote Execution Attack php: PHP Attack gen: Generic Attack xss: XSS Attack sqli: SQL Injection Attack sf: Session Fixation Attack java: Java Attack

ownerId
string
required
projectKey
string
required
id
string
required
version
number
required
updatedAt
string
required
firewallEnabled
boolean
required
crs
object
required

Custom Ruleset

rules
object[]
required
ips
object[]
required
changes
object[]
required
managedRules
object
botIdEnabled
boolean