Protected Domain Names

Description

You can enter a single domain name of a certain level (for example, top-level domain name example.com or level-2 domain name www.example.com) or a wildcard domain name (*.example.com).
The following are the rules for adding wildcard domain names:
- If the server IP address of each subdomain name is the same, enter a wildcard domain name to be protected. For example, if the subdomain names a.example.com, b.example.com, and c.example.com have the same server IP address, you can add the wildcard domain name *.example.com to WAF to protect all three.
- If the server IP addresses of subdomain names are different, add each subdomain name as a single domain name one by one.
A domain name can only be added to WAF once in cloud mode.
Each combination of a domain name and a non-standard port is counted towards the domain name quota of the WAF edition you are using. For example, www.example.com:8080 and www.example.com:8081 use two domain names of the quota. If you want to protect web services over multiple ports with the same domain name, add the domain name and each port to WAF.
Domain names you want to add to a cloud WAF instance must have ICP licenses. Otherwise, they cannot be added to WAF.

FAQs

Does WAF Protect Chinese Domain Names?

WAF cannot be used to protect Chinese domain names. To add a domain name to WAF, make sure it contains a maximum of 63 characters and only letters, digits, hyphens (-), and underscores (_).

Selecting a Domain Name Type

WAF supports single domain names and wildcard domain names.

The domain name purchased from the DNS service provider is a single domain name (example.com). The domain name added to WAF can be example.com, a subdomain name (for example, a.example.com), or wildcard domain name (*.example.com). You can select a domain name type based on the following scenarios:

If services of a domain name to be protected are the same, enter a single domain name. For example, if all the services of www.example.com to be protected are services on port 8080, set Domain Name to a single domain name www.example.com.
If the server IP address of each subdomain name is the same, enter a wildcard domain name to be protected. For example, if the server IP addresses corresponding to a.example.com, b.example.com, and c.example.com are the same, Domain Name can be set to a wildcard domain name *.example.com.
If the server IP addresses of subdomain names are different, add subdomain names as single domain names one by one.

You are advised to set the added domain name to be protected to be the same as the domain name that is set at the DNS provider.

Can WAF Protect Multiple Domain Names That Point to the Same Origin Server?

Yes. If there are multiple domain names pointing to the same origin server, you can connect these domain names to WAF, and WAF will protect them all.

Can I Change the Domain Name That Has Been Added to WAF?

After a domain name is added to WAF, you cannot change its name. If you want to change the protected domain name, you are advised to delete the original one and add the domain name you want to protect.

Why Am I Seeing That My Domain Quota Is Insufficient When There Is Still Remaining Quota?

The domain name quota contains top-level and second-level domain names. This happens when your quota for the top-level domain name is used up but you try to add a top-level domain name to WAF.

If A Single Domain Name and A Wildcard Domain Name Are Added To WAF at The Same Time, Which Domain Name Will WAF Check First?

WAF first checks the domain name that points to a specific page. For example, if www.example.com, *.a.example.com, and *.example.com are added to WAF, WAF checks them in the following sequence: www.example.com > *.a.example.com > *.example.com.

Parent Topic: Adding a Domain Name to WAF (Cloud Mode)

Previous topic: Adding a Domain Name to WAF (Cloud Mode)

Next topic: Protected Port