Help Center/ Anti-DDoS Service/ User Guide/ Advanced Anti-DDoS User Guide/ Connecting Services to AAD/ Connecting Domain Name-based Website Services to AAD
Updated on 2025-08-27 GMT+08:00

Connecting Domain Name-based Website Services to AAD

If your services are provided via a domain name licensed by ICMP, you can connect the domain name to AAD to safeguard against heavy-traffic DDoS attacks.

Process of Connecting Website Services to AAD

Figure 1 shows the process of connecting website services to AAD.
Figure 1 Process of connecting website services to AAD

Limitations and Constraints

  • If the server protocol is HTTPS, you need to upload a certificate. Currently, AAD supports only certificates in PEM format.
  • A CNAME record is generated based on the domain name. For the same domain name, the CNAME records are the same.
  • If the origin server domain name is a CNAME, only a CNAME of Huawei Cloud WAF is supported.
  • You can select multiple lines (high-defense IP addresses) for a domain name. When selecting multiple high-defense IP addresses, ensure that the number of forwarding rules, the forwarding protocol, forwarding port, and service type configured for each AAD IP address are the same.