Challenge cURL Requests

Learn how to challenge curl requests with the Vercel WAF API.
Last updated on November 14, 2024
Security

In the following example, we send a Patch request to the Update Firewall Configuration endpoint of the Vercel REST API security group. This request creates a new rule in your project's WAF configuration.

Both the conditionGroup and action body parameters are required fields

A cURL(Client URL) request is often used by attackers to perform automated activities like scraping, brute force attacks, or other malicious activities. To mitigate such risks, create a custom rule using the following code:

app/api/firewall/route.ts
export async function PATCH() {
  let baseUrl = 'https://api.vercel.com/v1/security/firewall/config';
  let teamId = 'team_a5j...';
  let projectId = 'QmTrK...';
 
  const body = JSON.stringify({
    action: 'rules.insert',
    id: null,
    value: {
      active:
        true /** Whether this rule is enabled or not in your Vercel WAF configuration */,
      name: 'Challenge Curl',
      description: 'Challenge all traffic from curl requests',
      conditionGroup: [
        {
          conditions: [
            {
              op: 'sub' /** Operator used to compare - sub is equivalent to "Contains" */,
              type: 'user_agent' /** Parameter from incoming traffic */,
              value: 'curl',
            },
          ],
        },
      ],
      action: {
        mitigate: {
          action: 'challenge',
          rateLimit: null,
          redirect: null,
          actionDuration: null,
        },
      },
    },
  });
 
  let res = await fetch(`${baseUrl}?projectId=${projectId}&teamId=${teamId}`, {
    method: 'PATCH',
    headers: {
      Authorization: `Bearer ${process.env.VERCEL_TOKEN}`,
      'Content-Type': 'application/json',
    },
    body,
  });
 
  if (!res.ok) {
    return Response.json(
      { status: 'Failed to update Firewall' },
      { status: res.status },
    );
  }
 
  return Response.json({ status: 'New rule added to Firewall' });
}