Merge pull request #505 from G-Core/31-october-edge

https://jira.gcore.lu/browse/CD-3275

documentation/web-security/faq/how-do-i-get-a-list-of-all-banned-ip-addresses-for-all-resources.md

@@ -0,0 +1,29 @@
+---
+title: how-do-i-get-a-list-of-all-banned-ip-addresses-for-all-resources
+displayName: Get all banned IP addresses for all resources
+published: true
+order: 140
+toc:
+pageTitle: FAQ. All banned IP addresses| Gcore
+pageDescription: How to get a list of all banned IP addresses for all resources via the API request. 
+---
+#  How do I get a list of all banned IP addresses for all resources?
+
+You can get a list of all banned IP addresses for all Web Security product resources using an API request:
+
+```
+// @name Get protected ip addresses
+GET https://api.gcore.com/security/resources
+Authorization: Bearer {{token_client}}
+Content-Type: application/json
+
+> {%
+	let ip_list = [];
+	for (let resource of response.body) {
+    	for (let item of resource["whitelists"]) {
+        	ip_list.push(item["whitelist_data"]);
+    	}
+	}
+	client.log(ip_list);
+%}
+```

documentation/web-security/faq/how-do-i-renew-my-ssl-certificate.md

@@ -0,0 +1,47 @@
+---
+title: how-do-i-renew-my-ssl-certificate
+displayName: Renew SSL certificates
+published: true
+order: 150
+toc:
+pageTitle: FAQ. Renew SSL certificates attached to your resources under protection | Gcore
+pageDescription: How to renew an SSL certificate depending on its type—Let's Encrypt or Custom. 
+---
+# How do I renew my SSL certificate?
+
+Depending on the type of SSL certificate selected for the resource under protection, there are two options for renewing certificates.
+
+1. If you have **Let's Encrypt**, it will be renewed automatically.
+
+2. If you have a **Custom** certificate, you must reissue it yourself via the certificate authority, delete the current certificate in your resource settings, and add the reissued certificate in the Customer portal according to the <a href="https://gcore.com/docs/web-security/add-an-ssl-certificate-to-your-resource#add-custom-certificate-to-your-resource" target="_blank">Add Custom certificate</a> to your resource guide. You can also add a reissued custom certificate via the API request: 
+
+```
+// @name Get client ddos resource
+GET {{base_ddos}}/resources/<resource_id>
+Authorization: Bearer {{token_client}}
+Content-Type: application/json
+
+> {%
+	client.global.set("resource", JSON.stringify(response.body.resource));
+%}
+
+###
+
+// @name Update custom SSL certificate for the ddos resource
+< {%
+	let resource = client.global.get("resource");
+	resource = JSON.parse(resource);
+	resource["service_ssl_crt"] = "-----BEGIN CERTIFICATE-----\n<certificate_data>\n-----END CERTIFICATE-----";
+	resource["service_ssl_key"] = "-----BEGIN PRIVATE KEY-----\n<private_key_data>\n-----END PRIVATE KEY-----";
+	resource = JSON.stringify(resource);
+	request.variables.set("resource_custom_cert", resource);
+%}
+PUT {{base_ddos}}/resources/<resource_id>
+Authorization: Bearer {{token_client}}
+Content-Type: application/json
+
+{{resource_custom_cert}}
+```
+
+**Note**: We do not automatically notify you of SSL certificate expiry dates, so you should monitor the expiry date yourself.
+

documentation/web-security/faq/how-to-force-an-ip-ban.md

@@ -0,0 +1,59 @@
+---
+title: how-to-force-an-ip-ban
+displayName: Force an IP ban
+published: true
+order: 130
+toc:
+   --1--Force in customer portal: "force-an-ip-ban-in-the-customer-portal"
+   --1--Force via API: "force-an-ip-ban-via-api"
+pageTitle: FAQ. Force an IP ban | Gcore
+pageDescription: How to force an IP ban in the customer portal and via API. 
+---
+# How to force an IP ban
+
+You can force an IP or subnet mask ban using a whitelist policy. This allows requests from all IPs or subnets, except specified IPs or subnet masks.
+
+**Note**: To ban all IPs or subnets *except specified values*, select the blacklist option.
+
+You can set an IP ban in two ways: in the customer portal or via the API. 
+
+## Force an IP ban in the customer portal
+
+1\. Go to your <a href="https://control.gcore.com/resources/all" target="_blank">list of resources under protection</a>.
+
+2\. Click three dots on the line of the relevant resource and click **Access Policy**.
+
+<img src="https://assets.gcore.pro/docs/web-security/faq/how-to-force-an-ip-ban/force-ip-ban-10.png" alt="How to open Access Policy settings of the resource under protection" width="80%">
+
+3\. On the page that opens, type the IPs or subnet masks in the “Whitelist” field (click the plus button on the right to add more than one) and save changes. 
+
+<img src="https://assets.gcore.pro/docs/web-security/faq/how-to-force-an-ip-ban/force-ip-ban-20.png" alt="How to force an IP ban" width="80%">
+
+That’s it. The specified IP will be banned for two hours. 
+
+## Force an IP ban via API
+
+Here’s an example of restricting a specific IP using an API request:
+
+```
+// @name Get client ddos resource
+GET https://api.gcore.com/security/resources/<resource_id>
+Authorization: Bearer {{token_client}}
+Content-Type: application/json
+> {%
+	client.global.set("resource", JSON.stringify(response.body.resource));
+%}
+###
+// @name Add whitelist into ddos resources
+< {%
+	let resource = client.global.get("resource");
+	resource = JSON.parse(resource);
+	resource["whitelists"] = [{"whitelist_data": "3.3.3.3"}];
+	resource = JSON.stringify(resource);
+	request.variables.set("resource_whitelist", resource);
+%}
+PUT https://api.gcore.com/security/resources/<resource_id>
+Authorization: Bearer {{token_client}}
+Content-Type: application/json
+{{resource_whitelist}}
+```