Create a proxy rule
const url = 'https://dashboard.quantcdn.io/api/v2/organizations/example/projects/example/rules/proxy';const options = { method: 'POST', headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'}, body: '{"domain":["test-domain.com","*.test-domain.com"],"name":"Test proxy rule","uuid":"123e4567-e89b-12d3-a456-426614174000","weight":0,"disabled":false,"url":["/api/*","/backend/*"],"country":"country_is","country_is":["US","CA","GB"],"country_is_not":["CN","RU"],"method":"method_is","method_is":["GET","POST"],"method_is_not":["DELETE","PUT"],"ip":"ip_is","ip_is":["192.168.1.0/24","10.0.0.1"],"ip_is_not":["172.16.0.0/12"],"asn":"any","asn_is":["15169","8075"],"asn_is_not":["13335"],"to":"https://backend.test-domain.com","host":"backend.test-domain.com","auth_user":"","auth_pass":"","disable_ssl_verify":false,"cache_lifetime":"3600","only_proxy_404":false,"inject_headers":{"X-Custom":"value"},"proxy_strip_headers":["Set-Cookie","Server"],"proxy_strip_request_headers":["Cookie","Authorization"],"origin_timeout":"30","failover_mode":false,"failover_origin_ttfb":"2000","failover_origin_status_codes":["502","503","504"],"failover_lifetime":"300","proxy_alert_enabled":false,"waf_enabled":false,"waf_config":{"mode":"report","paranoia_level":1,"allow_rules":["example"],"allow_ip":["example"],"block_ip":["example"],"block_asn":["example"],"block_ua":["example"],"block_referer":["example"],"notify_slack":"https://hooks.slack.com/services/XXX","notify_slack_hits_rpm":100,"notify_email":["example"],"httpbl":{"httpbl_enabled":false,"block_suspicious":false,"block_harvester":false,"block_spam":false,"block_search_engine":false,"httpbl_key":"example"},"block_lists":{"user_agent":false,"referer":false,"ip":false,"ai":false},"thresholds":[{"type":"ip","rps":10,"hits":10,"minutes":5,"cooldown":30,"mode":"disabled","value":"example","notify_slack":"example"}]},"application_proxy":false,"application_name":"my-app","application_environment":"production","application_container":"web","application_port":80,"static_error_page":"<html><body>Service temporarily unavailable</body></html>","static_error_page_status_codes":["500","502","503","504"]}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://dashboard.quantcdn.io/api/v2/organizations/example/projects/example/rules/proxy \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data '{ "domain": [ "test-domain.com", "*.test-domain.com" ], "name": "Test proxy rule", "uuid": "123e4567-e89b-12d3-a456-426614174000", "weight": 0, "disabled": false, "url": [ "/api/*", "/backend/*" ], "country": "country_is", "country_is": [ "US", "CA", "GB" ], "country_is_not": [ "CN", "RU" ], "method": "method_is", "method_is": [ "GET", "POST" ], "method_is_not": [ "DELETE", "PUT" ], "ip": "ip_is", "ip_is": [ "192.168.1.0/24", "10.0.0.1" ], "ip_is_not": [ "172.16.0.0/12" ], "asn": "any", "asn_is": [ "15169", "8075" ], "asn_is_not": [ "13335" ], "to": "https://backend.test-domain.com", "host": "backend.test-domain.com", "auth_user": "", "auth_pass": "", "disable_ssl_verify": false, "cache_lifetime": "3600", "only_proxy_404": false, "inject_headers": { "X-Custom": "value" }, "proxy_strip_headers": [ "Set-Cookie", "Server" ], "proxy_strip_request_headers": [ "Cookie", "Authorization" ], "origin_timeout": "30", "failover_mode": false, "failover_origin_ttfb": "2000", "failover_origin_status_codes": [ "502", "503", "504" ], "failover_lifetime": "300", "proxy_alert_enabled": false, "waf_enabled": false, "waf_config": { "mode": "report", "paranoia_level": 1, "allow_rules": [ "example" ], "allow_ip": [ "example" ], "block_ip": [ "example" ], "block_asn": [ "example" ], "block_ua": [ "example" ], "block_referer": [ "example" ], "notify_slack": "https://hooks.slack.com/services/XXX", "notify_slack_hits_rpm": 100, "notify_email": [ "example" ], "httpbl": { "httpbl_enabled": false, "block_suspicious": false, "block_harvester": false, "block_spam": false, "block_search_engine": false, "httpbl_key": "example" }, "block_lists": { "user_agent": false, "referer": false, "ip": false, "ai": false }, "thresholds": [ { "type": "ip", "rps": 10, "hits": 10, "minutes": 5, "cooldown": 30, "mode": "disabled", "value": "example", "notify_slack": "example" } ] }, "application_proxy": false, "application_name": "my-app", "application_environment": "production", "application_container": "web", "application_port": 80, "static_error_page": "<html><body>Service temporarily unavailable</body></html>", "static_error_page_status_codes": [ "500", "502", "503", "504" ] }'Authorizations
Section titled “Authorizations”Parameters
Section titled “Parameters”Path Parameters
Section titled “Path Parameters”Request Bodyrequired
Section titled “Request Bodyrequired”object
Domain patterns (default: any)
Example
[ "test-domain.com", "*.test-domain.com"]Rule name
Example
Test proxy ruleRule UUID
Example
123e4567-e89b-12d3-a456-426614174000Rule weight
Example
100Whether rule is disabled
Example
falseURL patterns
Example
[ "/api/*", "/backend/*"]Country filter type (country_is, country_is_not, any)
Example
country_isAllowed countries
Example
[ "US", "CA", "GB"]Excluded countries
Example
[ "CN", "RU"]Method filter type (method_is, method_is_not, any)
Example
method_isAllowed HTTP methods
Example
[ "GET", "POST"]Excluded HTTP methods
Example
[ "DELETE", "PUT"]IP filter type (ip_is, ip_is_not, any)
Example
ip_isAllowed IP addresses
Example
[ "192.168.1.0/24", "10.0.0.1"]Excluded IP addresses
Example
[ "172.16.0.0/12"]ASN filter type (asn_is, asn_is_not, any)
Example
anyAllowed AS numbers
Example
[ "15169", "8075"]Excluded AS numbers
Example
[ "13335"]Target URL to proxy to
Example
https://backend.test-domain.comHost header override
Example
backend.test-domain.comBasic auth username
Example
adminBasic auth password
Example
secure_passDisable SSL verification
Example
falseCache lifetime
Example
3600Only proxy 404 responses
Example
falseHeaders to inject
object
Example
{ "X-Custom": "value"}Headers to strip from response
Example
[ "Set-Cookie", "Server"]Headers to strip from request
Example
[ "Cookie", "Authorization"]Origin timeout
Example
30Enable failover mode
Example
trueFailover TTFB threshold in milliseconds
Example
2000Origin status codes that trigger failover
Example
[ "502", "503", "504"]Failover cache lifetime in seconds
Example
300Proxy alert enabled
Example
falseWAF enabled
Example
falseWeb Application Firewall configuration
object
WAF operation mode
OWASP paranoia level
WAF rule IDs to allow/whitelist
IP addresses to allow
IP addresses to block
ASN numbers to block
User agent patterns to block
Referer patterns to block
Slack webhook URL for notifications
Example
https://hooks.slack.com/services/XXXMinimum hits per minute to trigger Slack notification
Example
100Email addresses for notifications
Project Honey Pot HTTP:BL configuration
object
Enable HTTP:BL
Block suspicious IPs
Block email harvesters
Block spam sources
Block search engines
HTTP:BL API key
Enable predefined block lists
object
Block known bad user agents
Block known bad referers
Block known bad IPs
Block AI crawlers
Rate limiting thresholds
object
Threshold type
Requests per second limit (for ip/header)
Example
10Hit count limit (for waf_hit_by_ip)
Example
10Time window in minutes (for waf_hit_by_ip)
Example
5Cooldown period in seconds
Example
30Threshold enforcement mode
Header name (for header type)
Slack webhook for this threshold
Enable Quant Cloud application proxy mode
Example
falseQuant Cloud application name (required when application_proxy is true)
Example
my-appQuant Cloud application environment (required when application_proxy is true)
Example
productionQuant Cloud application container (required when application_proxy is true)
Example
webQuant Cloud application port (required when application_proxy is true)
Example
80Static error page content (HTML) to serve on origin errors
Example
<html><body>Service temporarily unavailable</body></html>Origin status codes that trigger static error page
Example
[ "500", "502", "503", "504"]Responses
Section titled “Responses”The request has succeeded and a new resource has been created as a result.
object
Rule name
Rule UUID
Rule ID
Rule weight
URL patterns
Domain patterns
Whether rule is disabled
Only apply with cookie
HTTP method
Allowed HTTP methods
Excluded HTTP methods
IP address
Allowed IP addresses
Excluded IP addresses
ASN filter type (asn_is, asn_is_not, any)
Allowed AS numbers
Excluded AS numbers
Country code
Allowed countries
Excluded countries
Rule action
Rule ID
object
Target URL to proxy to
Host header override
Basic auth username
Basic auth password
Disable SSL verification
Cache lifetime
Only proxy 404 responses
Headers to inject
object
Headers to strip from response
Headers to strip from request
Origin timeout
Enable failover mode
Failover TTFB threshold
Status codes for failover (default: 200,404,301,302,304)
Failover cache lifetime
Notification type (none, slack)
Notification configuration (required when notify is slack)
object
Slack webhook URL
WAF enabled
Web Application Firewall configuration
object
WAF operation mode
OWASP paranoia level
WAF rule IDs to allow/whitelist
IP addresses to allow
IP addresses to block
ASN numbers to block
User agent patterns to block
Referer patterns to block
Slack webhook URL for notifications
Minimum hits per minute to trigger Slack notification
Email addresses for notifications
Project Honey Pot HTTP:BL configuration
object
Enable HTTP:BL
Block suspicious IPs
Block email harvesters
Block spam sources
Block search engines
HTTP:BL API key
Enable predefined block lists
object
Block known bad user agents
Block known bad referers
Block known bad IPs
Block AI crawlers
Rate limiting thresholds
object
Threshold type
Requests per second limit (for ip/header)
Hit count limit (for waf_hit_by_ip)
Time window in minutes (for waf_hit_by_ip)
Cooldown period in seconds
Threshold enforcement mode
Header name (for header type)
Slack webhook for this threshold
Proxy alert enabled
Proxy inline function enabled
Enable Quant Cloud application proxy mode
Quant Cloud application name (required when application_proxy is true)
Quant Cloud application environment (required when application_proxy is true)
Quant Cloud application container (required when application_proxy is true)
Quant Cloud application port (required when application_proxy is true)
Quant Cloud application proxy selection (populated automatically when application_proxy is enabled)
object
Application name
Environment name
Container name
Container port
Static error page content (HTML) to serve on origin errors
Origin status codes that trigger static error page
Example
{ "name": "Test redirect rule", "uuid": "123e4567-e89b-12d3-a456-426614174000", "rule_id": "rule-001", "weight": 0, "url": [ "/old-path/*", "/legacy/*" ], "domain": [ "test-domain.com", "*.test-domain.com" ], "disabled": false, "only_with_cookie": "session_id", "method": "GET", "method_is": [ "GET", "POST" ], "method_is_not": [ "DELETE", "PUT" ], "ip": "192.168.1.1", "ip_is": [ "192.168.1.0/24", "10.0.0.1" ], "ip_is_not": [ "172.16.0.0/12" ], "asn": "any", "asn_is": [ "15169", "8075" ], "asn_is_not": [ "13335" ], "country": "US", "country_is": [ "US", "CA", "GB" ], "country_is_not": [ "CN", "RU" ], "action": "redirect", "action_config": { "to": "https://backend.test-domain.com", "host": "backend.test-domain.com", "auth_user": "admin", "auth_pass": "secure_password", "disable_ssl_verify": false, "cache_lifetime": "3600", "only_proxy_404": false, "inject_headers": { "X-Custom-Header": "value", "Authorization": "Bearer token" }, "proxy_strip_headers": [ "Set-Cookie", "Server" ], "proxy_strip_request_headers": [ "Cookie", "Authorization" ], "origin_timeout": "30", "failover_mode": false, "failover_origin_ttfb": "2000", "failover_origin_status_codes": [ "200", "404", "301", "302", "304" ], "failover_lifetime": "300", "notify": "none", "notify_config": { "webhook_url": "https://hooks.slack.com/services/XXXXXX" }, "waf_enabled": false, "waf_config": { "mode": "report", "paranoia_level": 1, "notify_slack": "https://hooks.slack.com/services/XXX", "notify_slack_hits_rpm": 100, "httpbl": { "httpbl_enabled": false, "block_suspicious": false, "block_harvester": false, "block_spam": false, "block_search_engine": false }, "block_lists": { "user_agent": false, "referer": false, "ip": false, "ai": false }, "thresholds": [ { "type": "ip", "rps": 10, "hits": 10, "minutes": 5, "cooldown": 30, "mode": "disabled" } ] }, "proxy_alert_enabled": false, "proxy_inline_fn_enabled": false, "application_proxy": false, "application_name": "my-app", "application_environment": "production", "application_container": "web", "application_port": 80, "quant_cloud_selection": { "app": "my-app", "env": "production", "container": "web", "port": 80 }, "static_error_page": "<html><body>Service temporarily unavailable</body></html>", "static_error_page_status_codes": [ "500", "502", "503", "504" ] }}The server could not understand the request due to invalid syntax.
object
Error message
Error flag
Example
{ "message": "The requested resource was not found", "error": true}Access is forbidden.
object
Error message
Error flag
Example
{ "message": "The requested resource was not found", "error": true}