Skip to content

Update a proxy rule

PATCH
/api/v2/organizations/{organization}/projects/{project}/rules/proxy/{rule}
curl --request PATCH \
--url https://dashboard.quantcdn.io/api/v2/organizations/example/projects/example/rules/proxy/example \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{ "domain": [ "test-domain.com", "*.test-domain.com" ], "name": "Test proxy rule", "uuid": "123e4567-e89b-12d3-a456-426614174000", "weight": 0, "disabled": false, "url": [ "/api/*", "/backend/*" ], "country": "country_is", "country_is": [ "US", "CA", "GB" ], "country_is_not": [ "CN", "RU" ], "method": "method_is", "method_is": [ "GET", "POST" ], "method_is_not": [ "DELETE", "PUT" ], "ip": "ip_is", "ip_is": [ "192.168.1.0/24", "10.0.0.1" ], "ip_is_not": [ "172.16.0.0/12" ], "asn": "any", "asn_is": [ "15169", "8075" ], "asn_is_not": [ "13335" ], "to": "https://backend.test-domain.com", "host": "backend.test-domain.com", "auth_user": "", "auth_pass": "", "disable_ssl_verify": false, "cache_lifetime": "3600", "only_proxy_404": false, "inject_headers": { "X-Custom": "value" }, "proxy_strip_headers": [ "Set-Cookie", "Server" ], "proxy_strip_request_headers": [ "Cookie", "Authorization" ], "origin_timeout": "30", "failover_mode": false, "failover_origin_ttfb": "2000", "failover_origin_status_codes": [ "502", "503", "504" ], "failover_lifetime": "300", "proxy_alert_enabled": false, "waf_enabled": false, "waf_config": { "mode": "report", "paranoia_level": 1, "allow_rules": [ "example" ], "allow_ip": [ "example" ], "block_ip": [ "example" ], "block_asn": [ "example" ], "block_ua": [ "example" ], "block_referer": [ "example" ], "notify_slack": "https://hooks.slack.com/services/XXX", "notify_slack_hits_rpm": 100, "notify_email": [ "example" ], "httpbl": { "httpbl_enabled": false, "block_suspicious": false, "block_harvester": false, "block_spam": false, "block_search_engine": false, "httpbl_key": "example" }, "block_lists": { "user_agent": false, "referer": false, "ip": false, "ai": false }, "thresholds": [ { "type": "ip", "rps": 10, "hits": 10, "minutes": 5, "cooldown": 30, "mode": "disabled", "value": "example", "notify_slack": "example" } ] }, "application_proxy": false, "application_name": "my-app", "application_environment": "production", "application_container": "web", "application_port": 80, "static_error_page": "<html><body>Service temporarily unavailable</body></html>", "static_error_page_status_codes": [ "500", "502", "503", "504" ] }'
organization
required
string
project
required
string
rule
required
string
Media typeapplication/json
object
domain
required

Domain patterns (default: any)

Array<string>
Example
[
"test-domain.com",
"*.test-domain.com"
]
name

Rule name

string
Example
Test proxy rule
uuid

Rule UUID

string
Example
123e4567-e89b-12d3-a456-426614174000
weight

Rule weight

integer
0
Example
100
disabled

Whether rule is disabled

boolean
Example
false
url
required

URL patterns

Array<string>
Example
[
"/api/*",
"/backend/*"
]
country

Country filter type (country_is, country_is_not, any)

string
Example
country_is
country_is

Allowed countries

Array<string>
Example
[
"US",
"CA",
"GB"
]
country_is_not

Excluded countries

Array<string>
Example
[
"CN",
"RU"
]
method

Method filter type (method_is, method_is_not, any)

string
Example
method_is
method_is

Allowed HTTP methods

Array<string>
Example
[
"GET",
"POST"
]
method_is_not

Excluded HTTP methods

Array<string>
Example
[
"DELETE",
"PUT"
]
ip

IP filter type (ip_is, ip_is_not, any)

string
Example
ip_is
ip_is

Allowed IP addresses

Array<string>
Example
[
"192.168.1.0/24",
"10.0.0.1"
]
ip_is_not

Excluded IP addresses

Array<string>
Example
[
"172.16.0.0/12"
]
asn

ASN filter type (asn_is, asn_is_not, any)

string
Example
any
asn_is

Allowed AS numbers

Array<string>
Example
[
"15169",
"8075"
]
asn_is_not

Excluded AS numbers

Array<string>
Example
[
"13335"
]
to
required

Target URL to proxy to

string
Example
https://backend.test-domain.com
host

Host header override

string
Example
backend.test-domain.com
auth_user

Basic auth username

string
""
Example
admin
auth_pass

Basic auth password

string
""
Example
secure_pass
disable_ssl_verify

Disable SSL verification

boolean
Example
false
cache_lifetime

Cache lifetime

string
nullable
Example
3600
only_proxy_404

Only proxy 404 responses

boolean
Example
false
inject_headers

Headers to inject

object
key
additional properties
string
Example
{
"X-Custom": "value"
}
proxy_strip_headers

Headers to strip from response

Array<string>
Example
[
"Set-Cookie",
"Server"
]
proxy_strip_request_headers

Headers to strip from request

Array<string>
Example
[
"Cookie",
"Authorization"
]
origin_timeout

Origin timeout

string
Example
30
failover_mode

Enable failover mode

boolean
Example
true
failover_origin_ttfb

Failover TTFB threshold in milliseconds

string
default: 2000
Example
2000
failover_origin_status_codes

Origin status codes that trigger failover

Array<string>
Example
[
"502",
"503",
"504"
]
failover_lifetime

Failover cache lifetime in seconds

string
default: 300
Example
300
proxy_alert_enabled

Proxy alert enabled

boolean
Example
false
waf_enabled

WAF enabled

boolean
Example
false
waf_config
One of:

Web Application Firewall configuration

object
mode

WAF operation mode

string
default: report
Allowed values: report block
paranoia_level

OWASP paranoia level

integer
default: 1 >= 1 <= 4
allow_rules

WAF rule IDs to allow/whitelist

Array<string>
allow_ip

IP addresses to allow

Array<string>
block_ip

IP addresses to block

Array<string>
block_asn

ASN numbers to block

Array<string>
block_ua

User agent patterns to block

Array<string>
block_referer

Referer patterns to block

Array<string>
notify_slack

Slack webhook URL for notifications

string
Example
https://hooks.slack.com/services/XXX
notify_slack_hits_rpm

Minimum hits per minute to trigger Slack notification

integer
Example
100
notify_email

Email addresses for notifications

Array<string>
httpbl

Project Honey Pot HTTP:BL configuration

object
httpbl_enabled

Enable HTTP:BL

boolean
block_suspicious

Block suspicious IPs

boolean
block_harvester

Block email harvesters

boolean
block_spam

Block spam sources

boolean
block_search_engine

Block search engines

boolean
httpbl_key

HTTP:BL API key

string
block_lists

Enable predefined block lists

object
user_agent

Block known bad user agents

boolean
referer

Block known bad referers

boolean
ip

Block known bad IPs

boolean
ai

Block AI crawlers

boolean
thresholds

Rate limiting thresholds

Array<object>
object
type

Threshold type

string
Allowed values: ip header waf_hit_by_ip
rps

Requests per second limit (for ip/header)

integer
Example
10
hits

Hit count limit (for waf_hit_by_ip)

integer
Example
10
minutes

Time window in minutes (for waf_hit_by_ip)

integer
Example
5
cooldown

Cooldown period in seconds

integer
Example
30
mode

Threshold enforcement mode

string
default: disabled
Allowed values: disabled report block
value

Header name (for header type)

string
nullable
notify_slack

Slack webhook for this threshold

string
nullable
application_proxy

Enable Quant Cloud application proxy mode

boolean
Example
false
application_name

Quant Cloud application name (required when application_proxy is true)

string
Example
my-app
application_environment

Quant Cloud application environment (required when application_proxy is true)

string
Example
production
application_container

Quant Cloud application container (required when application_proxy is true)

string
Example
web
application_port

Quant Cloud application port (required when application_proxy is true)

integer
Example
80
static_error_page

Static error page content (HTML) to serve on origin errors

string
nullable
Example
<html><body>Service temporarily unavailable</body></html>
static_error_page_status_codes

Origin status codes that trigger static error page

Array<string>
Example
[
"500",
"502",
"503",
"504"
]

The request has succeeded.

Media typeapplication/json
object
name

Rule name

string
uuid
required

Rule UUID

string
rule_id

Rule ID

string
weight

Rule weight

integer
0
url

URL patterns

Array<string>
domain

Domain patterns

Array<string>
disabled
required

Whether rule is disabled

boolean
only_with_cookie

Only apply with cookie

string
method

HTTP method

string
method_is

Allowed HTTP methods

Array<string>
method_is_not

Excluded HTTP methods

Array<string>
ip

IP address

string
ip_is

Allowed IP addresses

Array<string>
ip_is_not

Excluded IP addresses

Array<string>
asn

ASN filter type (asn_is, asn_is_not, any)

string
asn_is

Allowed AS numbers

Array<string>
asn_is_not

Excluded AS numbers

Array<string>
country

Country code

string
country_is

Allowed countries

Array<string>
country_is_not

Excluded countries

Array<string>
action
required

Rule action

string
rule_id

Rule ID

string
action_config
required
object
to
required

Target URL to proxy to

string
host

Host header override

string
auth_user

Basic auth username

string
auth_pass

Basic auth password

string
disable_ssl_verify

Disable SSL verification

boolean
cache_lifetime

Cache lifetime

string
nullable
only_proxy_404

Only proxy 404 responses

boolean
inject_headers

Headers to inject

object
key
additional properties
string
proxy_strip_headers

Headers to strip from response

Array<string>
proxy_strip_request_headers

Headers to strip from request

Array<string>
origin_timeout

Origin timeout

string
failover_mode

Enable failover mode

boolean
failover_origin_ttfb

Failover TTFB threshold

string
default: 2000
failover_origin_status_codes

Status codes for failover (default: 200,404,301,302,304)

Array<string>
failover_lifetime

Failover cache lifetime

string
default: 300
notify

Notification type (none, slack)

string
default: none
Allowed values: none slack
notify_config

Notification configuration (required when notify is slack)

object
webhook_url

Slack webhook URL

string
waf_enabled

WAF enabled

boolean
waf_config
One of:

Web Application Firewall configuration

object
mode

WAF operation mode

string
default: report
Allowed values: report block
paranoia_level

OWASP paranoia level

integer
default: 1 >= 1 <= 4
allow_rules

WAF rule IDs to allow/whitelist

Array<string>
allow_ip

IP addresses to allow

Array<string>
block_ip

IP addresses to block

Array<string>
block_asn

ASN numbers to block

Array<string>
block_ua

User agent patterns to block

Array<string>
block_referer

Referer patterns to block

Array<string>
notify_slack

Slack webhook URL for notifications

string
notify_slack_hits_rpm

Minimum hits per minute to trigger Slack notification

integer
notify_email

Email addresses for notifications

Array<string>
httpbl

Project Honey Pot HTTP:BL configuration

object
httpbl_enabled

Enable HTTP:BL

boolean
block_suspicious

Block suspicious IPs

boolean
block_harvester

Block email harvesters

boolean
block_spam

Block spam sources

boolean
block_search_engine

Block search engines

boolean
httpbl_key

HTTP:BL API key

string
block_lists

Enable predefined block lists

object
user_agent

Block known bad user agents

boolean
referer

Block known bad referers

boolean
ip

Block known bad IPs

boolean
ai

Block AI crawlers

boolean
thresholds

Rate limiting thresholds

Array<object>
object
type

Threshold type

string
Allowed values: ip header waf_hit_by_ip
rps

Requests per second limit (for ip/header)

integer
hits

Hit count limit (for waf_hit_by_ip)

integer
minutes

Time window in minutes (for waf_hit_by_ip)

integer
cooldown

Cooldown period in seconds

integer
mode

Threshold enforcement mode

string
default: disabled
Allowed values: disabled report block
value

Header name (for header type)

string
nullable
notify_slack

Slack webhook for this threshold

string
nullable
proxy_alert_enabled

Proxy alert enabled

boolean
proxy_inline_fn_enabled

Proxy inline function enabled

boolean
application_proxy

Enable Quant Cloud application proxy mode

boolean
application_name

Quant Cloud application name (required when application_proxy is true)

string
application_environment

Quant Cloud application environment (required when application_proxy is true)

string
application_container

Quant Cloud application container (required when application_proxy is true)

string
application_port

Quant Cloud application port (required when application_proxy is true)

integer
quant_cloud_selection

Quant Cloud application proxy selection (populated automatically when application_proxy is enabled)

object
app

Application name

string
env

Environment name

string
container

Container name

string
port

Container port

integer
static_error_page

Static error page content (HTML) to serve on origin errors

string
nullable
static_error_page_status_codes

Origin status codes that trigger static error page

Array<string>
Example
{
"name": "Test redirect rule",
"uuid": "123e4567-e89b-12d3-a456-426614174000",
"rule_id": "rule-001",
"weight": 0,
"url": [
"/old-path/*",
"/legacy/*"
],
"domain": [
"test-domain.com",
"*.test-domain.com"
],
"disabled": false,
"only_with_cookie": "session_id",
"method": "GET",
"method_is": [
"GET",
"POST"
],
"method_is_not": [
"DELETE",
"PUT"
],
"ip": "192.168.1.1",
"ip_is": [
"192.168.1.0/24",
"10.0.0.1"
],
"ip_is_not": [
"172.16.0.0/12"
],
"asn": "any",
"asn_is": [
"15169",
"8075"
],
"asn_is_not": [
"13335"
],
"country": "US",
"country_is": [
"US",
"CA",
"GB"
],
"country_is_not": [
"CN",
"RU"
],
"action": "redirect",
"action_config": {
"to": "https://backend.test-domain.com",
"host": "backend.test-domain.com",
"auth_user": "admin",
"auth_pass": "secure_password",
"disable_ssl_verify": false,
"cache_lifetime": "3600",
"only_proxy_404": false,
"inject_headers": {
"X-Custom-Header": "value",
"Authorization": "Bearer token"
},
"proxy_strip_headers": [
"Set-Cookie",
"Server"
],
"proxy_strip_request_headers": [
"Cookie",
"Authorization"
],
"origin_timeout": "30",
"failover_mode": false,
"failover_origin_ttfb": "2000",
"failover_origin_status_codes": [
"200",
"404",
"301",
"302",
"304"
],
"failover_lifetime": "300",
"notify": "none",
"notify_config": {
"webhook_url": "https://hooks.slack.com/services/XXXXXX"
},
"waf_enabled": false,
"waf_config": {
"mode": "report",
"paranoia_level": 1,
"notify_slack": "https://hooks.slack.com/services/XXX",
"notify_slack_hits_rpm": 100,
"httpbl": {
"httpbl_enabled": false,
"block_suspicious": false,
"block_harvester": false,
"block_spam": false,
"block_search_engine": false
},
"block_lists": {
"user_agent": false,
"referer": false,
"ip": false,
"ai": false
},
"thresholds": [
{
"type": "ip",
"rps": 10,
"hits": 10,
"minutes": 5,
"cooldown": 30,
"mode": "disabled"
}
]
},
"proxy_alert_enabled": false,
"proxy_inline_fn_enabled": false,
"application_proxy": false,
"application_name": "my-app",
"application_environment": "production",
"application_container": "web",
"application_port": 80,
"quant_cloud_selection": {
"app": "my-app",
"env": "production",
"container": "web",
"port": 80
},
"static_error_page": "<html><body>Service temporarily unavailable</body></html>",
"static_error_page_status_codes": [
"500",
"502",
"503",
"504"
]
}
}

The server could not understand the request due to invalid syntax.

Media typeapplication/json
object
message
required

Error message

string
error
required

Error flag

boolean
Example
{
"message": "The requested resource was not found",
"error": true
}

Access is forbidden.

Media typeapplication/json
object
message
required

Error message

string
error
required

Error flag

boolean
Example
{
"message": "The requested resource was not found",
"error": true
}