To ensure your site is fully optimized with the StackPath WAF, it's important to make sure all API endpoints are configured correctly. Configuring your API endpoint properly ensures that users access APIs securely and do not receive browser validation techniques.
This article assumes a WAF site is already configured through the StackPath Control Panel. If you haven't set up a WAF site, please view our how-to article here.
For APIs that are hosted on a separate domain StackPath will soon launch dedicated API protection and acceleration.
How to add an endpoint
If your web application is using an API that is implemented on the same domain, e.g. www.yoursite.com/restfulapi, then you need to configure it under WAF > Firewall > API URL Configuration
- Log into your StackPath Control Panel
- Select the Stack you want to modify
- Navigate to the WAF tab for your selected Stack
- Under your list of WAF sites, choose the Site you want to modify
- Select the Firewall tab of your selected Site.
- Under the Firewall tab of your site, see API URL Configuration. Enter the path of the APIs under your domain you would like to configure.
- Paths are recursively allowed. For example, api/ allows api/v1/*, api/v2/*, etc.
- Does not accept regex/wildcard input
- Add multiple paths for multiple APIs
- Protocol not included
Changes will be automatically applied, and your API should be accessible. Test your endpoints by performing a cURL on any endpoint to verify that data is retrievable outside of a browser. A 200 server response code should be returned.
If you have any additional questions or concerns, please contact our 24/7 support at firstname.lastname@example.org or via live chat.