What Data Is Required for Connecting a Domain Name/IP Address to WAF?
Prepare information required for connecting a domain name or IP address to WAF based on the mode of WAF instance you plan to buy.
- Cloud - CNAME
Table 1 Domain name information required Information
Parameter
Description
Example
Whether a proxy is used for the domain name
Proxy
This parameter must be set to Layer-7 proxy if a layer-7 web proxy, such as CDN and cloud acceleration service, has been deployed for your website before you connect the website to WAF.
-
Configuration parameters
Domain Name
The domain name is used by visitors to access your website. A domain name consists of letters separated by dots (.). It is a human readable address that maps to the machine readable IP address of your server.
www.example.com
Protected Port
The service port corresponding to the domain name of the website you want to protect.
- Standard ports
- 80: default port when the client protocol is HTTP
- 443: default port when the client protocol is HTTPS
- Non-standard ports
Ports other than ports 80 and 443
NOTICE:If your website uses a non-standard port, check whether the WAF edition you plan to buy can protect the non-standard port before you make a purchase. For details, see Which Non-Standard Ports Does WAF Support?
80
HTTP/2
HTTP/2 can be used only for access between the client and WAF on the condition that at least one origin server has HTTPS used for Client Protocol.
-
Client Protocol
Protocol used by a client (for example, a browser) to access the website. WAF supports HTTP and HTTPS.
HTTP
Server Protocol
Protocol used by WAF to forward requests from the client (such as a browser). The options are HTTP and HTTPS.
HTTP
Server Address
Public IP address or domain name of the origin server for a client (such as a browser) to access. Generally, a public IP address maps to the A record of the domain name configured on the DNS, and a domain name to the CNAME record.
XXX.XXX.1.1
(Optional) Certificate
Certificate Name
If you set Client Protocol to HTTPS, you are required to configure a certificate on WAF and associate the certificate with the domain name.
NOTICE:Only .pem certificates can be used in WAF. If the certificate is not in PEM format, convert it into pem format by referring to How Do I Convert a Certificate into PEM Format?
-
- Standard ports
- Cloud -Load balancer
Table 2 Domain name or IP address details required Parameter
Description
Example Value
Domain Name/IP Address
- Domain name: used by visitors to access your website. A domain name consists of letters separated by dots (.). It is a human readable address that maps to the machine readable IP address of your server.
- IP: IP address of the website.
www.example.com
- Dedicated mode
Table 3 Domain name or IP address details required Information
Parameter
Description
Example
Configuration parameters
Protected Object
- Domain name: used by visitors to access your website. A domain name consists of letters separated by dots (.). It is a human readable address that maps to the machine readable IP address of your server.
- IP: IP address of the website.
www.example.com
Protected Port
The service port corresponding to the domain name of the website you want to protect.
- Standard ports
- 80: default port when the client protocol is HTTP
- 443: default port when the client protocol is HTTPS
- Non-standard ports
Ports other than ports 80 and 443
NOTICE:If your website uses a non-standard port, check whether the WAF edition you plan to buy can protect the non-standard port before you make a purchase. For details, see Which Non-Standard Ports Does WAF Support?
80
Client Protocol
Protocol used by a client (for example, a browser) to access the website. WAF supports HTTP and HTTPS.
HTTP
Server Protocol
Protocol used by WAF to forward requests from the client (such as a browser). The options are HTTP and HTTPS.
HTTP
VPC
Select the VPC to which the dedicated WAF instance belongs.
vpc-default
Server Address
Private IP address of the website server.
192.168.1.1
(Optional) Certificate
Certificate Name
If you set Client Protocol to HTTPS, you are required to configure a certificate on WAF and associate the certificate with the domain name.
NOTICE:- Only .pem certificates can be used in WAF. If the certificate is not in PEM format, convert it into pem format by referring to How Do I Convert a Certificate into PEM Format?
- Currently, certificates purchased in Huawei Cloud SCM can be pushed only to the default enterprise project. For other enterprise projects, SSL certificates pushed by SCM cannot be used.
-
Website Connect Issues FAQs
- How Do I Add a Domain Name/IP Address to WAF?
- Which Non-Standard Ports Does WAF Support?
- How Do I Use a Dedicated WAF Instance to Protect Non-Standard Ports That Are Not Supported by the Dedicated Instance?
- How Do I Configure Domain Names to Be Protected When Adding Domain Names?
- Do I Have to Configure the Same Port as That of the Origin Server When Adding a Website to WAF?
- How Do I Whitelist Back-to-Source IP Addresses of Cloud WAF?
- How Do I Configure Non-standard Ports When Adding a Protected Domain Name?
- What Data Is Required for Connecting a Domain Name/IP Address to WAF?
- How Do I Safely Delete a Protected Domain Name?
- How Long Will CNAME Records Be Retained After I Delete a Domain Name from WAF?
- Can I Change the Domain Name That Has Been Added to WAF?
- What Are the Precautions for Configuring Multiple Server Addresses for Backend Servers?
- Does WAF Support Wildcard Domain Names?
- Does WAF Protect Chinese Domain Names?
- How Do I Route Website Traffic to My Cloud WAF Instance?
- What Can I Do If the Message "Illegal server address" Is Displayed When I Add a Domain Name?
- Why Am I Seeing That My Domain Quota Is Insufficient When There Is Still Remaining Quota?
- Can I Configure Multiple Load Balancers for a Dedicated WAF Instance?
- Why Am I Seeing the "Someone else has already added this domain name. Please confirm that the domain name belongs to you" Error Message?
- How Do I Configure the Client Protocol and Server Protocol?
- Why Cannot I Select a Client Protocol When Adding a Domain Name?
- Can I Set the Origin Server Address to a CNAME Record If I Use Cloud WAF?
- How Do I Modify DNS Record on Huawei Cloud DNS?
- How Do I Verify Domain Ownership Using Huawei Cloud DNS?
- How Do I Configure the TXT Record on HUAWEI CLOUD DNS Service?
- What Are Impacts If No Subdomain Name and TXT Record Are Configured?
- How Do I Query a Domain Name Provider?
- How Do I Use A Records for Domain Name Resolution?
- What Are the Differences Between the Old and New CNAME Records?
- Can I Access a Website Using an IP Address After a Domain Name Is Connected to WAF?
- How Do I Test WAF?
- How Can I Forward Requests Directly to the Origin Server Without Passing Through WAF?
- Why Cannot the Protection Mode Be Enabled After a Domain Name Is Connected to WAF?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore