Ddos API 参考

# DDoS API ## 端点 ### HTTP DDoS (L7) typescript // 区域级 PUT /zones/{zoneId}/rulesets/phases/ddos_l7/entrypoint GET /zones/{zoneId}/rulesets/phases/ddos_l7/entrypoint // 账户级 (企业高级版) PUT /accounts/{accountId}/rulesets/phases/ddos_l7/entrypoint GET /accounts/{accountId}/rulesets/phases/ddos_l7/entrypoint ### 网络 DDoS (L3/4) typescript // 仅限账户级 PUT /accounts/{accountId}/rulesets/phases/ddos_l4/entrypoint GET /accounts/{accountId}/rulesets/phases/ddos_l4/entrypoint ## TypeScript SDK **SDK 版本**: 规则集阶段方法需要 `cloudflare` >= 3.0.0。 typescript import Cloudflare from "cloudflare"; const client = new Cloudflare({ apiToken: process.env.CLOUDFLARE_API_TOKEN }); // 第一步：发现托管规则集 ID（覆盖所需） const allRulesets = await client.rulesets.list({ zone_id: zoneId }); const ddosRuleset = allRulesets.result.find( (r) => r.kind === "managed" && r.phase === "ddos_l7" ); if (!ddosRuleset) throw new Error("未找到 DDoS 托管规则集"); const managedRulesetId = ddosRuleset.id; // 第二步：获取当前 HTTP DDoS 配置 const entrypointRuleset = await client.zones.rulesets.phases.entrypoint.get("ddos_l7", { zone_id: zoneId, }); // 第三步：使用覆盖更新 HTTP DDoS 规则集 await client.zones.rulesets.phases.entrypoint.update("ddos_l7", { zone_id: zoneId, rules: [ { action: "execute", expression: "true", action_parameters: { id: managedRulesetId, // 来自发现步骤 overrides: { sensitivity_level: "medium", action: "managed_challenge", }, }, }, ], }); // 网络 DDoS (账户级, L3/4) const l4Rulesets = await client.rulesets.list({ account_id: accountId }); const l4DdosRuleset = l4Rulesets.result.find( (r) => r.kind === "managed" && r.phase === "ddos_l4" ); const l4Ruleset = await client.accounts.rulesets.phases.entrypoint.get("ddos_l4", { account_id: accountId, }); ## 警报配置 typescript interface DDoSAlertConfig { name: string; enabled: boolean; alert_type: "http_ddos_attack_alert" | "layer_3_4_ddos_attack_alert" | "advanced_http_ddos_attack_alert" | "advanced_layer_3_4_ddos_attack_alert"; filters?: { zones?: string[]; hostnames?: string[]; requests_per_second?: number; packets_per_second?: number; megabits_per_second?: number; ip_prefixes?: string[]; // CIDR ip_addresses?: string[]; }; }