With this release a user will now be able to install and use the cli with pip command:
pip3 install cwaf-cli
This application provides a simple to use CLI that reflects industry standards (such as the AWS cli), and enables customers to easily integrate into configurations management, orchestration or automation frameworks to support the DevOps model
This CLI is a Python 3 application and has been tested with Python 3.6 -> 3.8
python 3.6 or higher
Open a terminal
Enter: python -V or python3 -V
python <path>/incap.py -h
usage: incap <resource> <command> [options]
CLI for site, account and security CRUD on Incapsula via API.
positional arguments:
{config,site,account}
config Use config to add the default API_ID, API_KEY and
Account_ID.
site Used to add, delete and configure Incapsula sites.
account Used to add, delete and configure Incapsula accounts.
optional arguments:
-h, --help show this help message and exit
--version show program's version number and exit
https://www.python.org/downloads/
incap --help
incap site --help
incap site acl --help
incap site add www.imperva.com
incap site list_incaprule 123456
incap config api_id api_key account_id
incap config --profile=special_name --repo=/Users/<username>/your_repo_location --baseurl=https://my.incapsula.com 26012 ejf903rie-3983030ie23r2r39j0 2398
Set environment for the following:
IMPV_API_ID
IMPV_API_KEY
IMPV_ACCOUNT_ID
IMPV_BASEURL
IMPV_REPO (optional for exporting cwaf site configurations as JSON locally)
cmd line args
Environment variables
config.ini
incap site add www.imperva.com
incap site status 123456
incap site delete 123456
incap rule list_incaprule 123456
incap rule add_incaprule --name="Testing block crawlers" --action=RULE_ACTION_ALERT --filter="ClientType == Crawler" 123456
incap rule edit_incaprule --name="BA HTTP" --filter='(Method == POST;PUT)' --action=RULE_ACTION_ALERT 123456
incap rule del_incaprule 123456
incap add-rule 123456 '{
"action": "RULE_ACTION_BLOCK_IP",
"enabled": "true",
"filter": "ASN == 21",
"name": "Example rule to block ip"
}'
incap rule get-rule 123456 654321
incap rule dup-rule 123456 654231 456123 -- (from_site_id from_rule_id to_site_id)
incap update-rule 123456 654321 '{
"action": "RULE_ACTION_BLOCK_IP",
"enabled": "true",
"filter": "ASN == 16409",
"name": "Example rule to block ip from AWS."
}'
incap override-rule 123456 654321 '{
"action": "RULE_ACTION_BLOCK_IP",
"enabled": "true",
"filter": "ASN == 16409",
"name": "Example rule to block ip from AWS."
}'
incap rule del-rule 123456 654321
incap site security --security_rule_action=block_ip sql_injection 123456
incap site acl --ips=107.232.12.4,102.232.22.99 blacklisted_ips 123456
incap site whitelist --urls='/home,/example' --countries='JM,CA' --continents='AF' --ips='192.168.1.1,172.21.12.0/24' --client_app_types='Browser' --client_apps='68' --user_agents='curl' cross_site_scripting 123456
incap site cache-rule --never_cache_resource_url=/help,login --never_cache_resource_pattern=prefix,contains 123456
incap site get-cache-mode 123456
incap site edit-cache-mode --aggressive_cache_duration=5_hr --dynamic_cache_duration=5_days static_and_dynamic 123456
incap site advanced-cache {param} {value} 123456
incap site advanced-cache async_validation true 123456
incap site export –-path=/Users/<name>/backups --filename={site_id}_{domain}
incap site export –-path=/Users/<name>/backups --filename={domain}_{site_id}
incap site export –-path=/Users/<name>/backups --filename={site_id}_{date}
incap site export –-path=/Users/<name>/backups --filename={domain}_{date}
incap site export –-path=/Users/<name>/backups --filename={site_id}
incap site export –-path=/Users/<name>/backups --filename={domain}
incap site export –-path=/Users/<name>/backups --filename={site_id}_{domain}_REV3_1B
incap site export –-site_id=123456
Path in the backup is option and will use the repo path in the config file or environment variable.
incap site restore --domain=www.example.com /Users/<name>/backups/www.template.com.json
incap site upcert --private_key="/<cert_location>/mooreassistance_net_apache-selfsigned.key" "/<cert_location>/www_mooreassistance_net_apache-selfsigned.crt" --passphrase=password SITE_ID
incap site delcert 123456
incap site add-dc name server_address site_id
incap site list-dc site_id
incap site edit-dc dc_id name
incap site del-dc dc_id
incap site add-server server_address dc_id
incap site edit-server server_id
incap site del-server server_id
python3 -m unittest test_incap_cli.py