How Do I Add a Domain Name/IP Address to WAF?
In cloud CNAME mode or dedicated mode, WAF works as a reverse proxy between the client and the server. The real IP address of the server is hidden and only the IP address of WAF is visible to web visitors.
In cloud-load balancer mode, WAF extracts website traffic through the SDK embedded in the gateway of the load balancer for inspection. The load balancer determines whether to forward client requests to the origin server based on the WAF inspection result. In this method, WAF does not forward traffic. This reduces compatibility and stability problems.
- Cloud - CNAME: protects your web applications that have domain name and are deployed on any clouds or in on-premises data centers.
- Cloud - Load balancer: protects your web applications that are deployed on Huawei Cloud and accessible over domain names or IP addresses.
- Dedicated: protects your web applications that are deployed on Huawei Cloud and accessible over domain names or IP addresses.
- You can enter a multi-level single domain name (for example, top-level domain name example.com or second-level domain name www.example.com) or a wildcard domain name (*.example.com). The processes of connecting domain names to different WAF instance types are the same.
- If the server IP address of each subdomain name is the same, enter a wildcard domain name. For example, if the subdomain names a.example.com, b.example.com, and c.example.com have the same server IP address, you can add the wildcard domain name *.example.com to WAF to protect all three.
- If the server IP addresses of subdomain names are different, add subdomain names as single domain names one by one.
- A domain name cannot be added to WAF cloud mode repeatedly.
Each combination of a domain name and a non-standard port is counted towards the domain name quota of the WAF edition you are using. For example, www.example.com:8080 and www.example.com:8081 use two domain names of the quota. If you want to protect web services over multiple ports with the same domain name, add the domain name and each port to WAF.
For details, see Edition Differences.
The following figure shows the process of connecting a website to WAF in each mode.
For more details, see Adding a Domain Name to WAF.
- If Access Status for protected website is Inaccessible, rectify the fault by referring to Why Is My Domain Name or IP Address Inaccessible?
- If your website becomes inaccessible after it is connected to WAF, rectify the issue by referring to How Do I Troubleshoot 404/502/504 Errors?
Domain Name and Port Configuration FAQs
- How Do I Add a Domain Name/IP Address to WAF?
- Which Non-Standard Ports Does WAF Support?
- How Do I Use a Dedicated WAF Instance to Protect Non-Standard Ports That Are Not Supported by the Dedicated Instance?
- How Do I Configure Domain Names to Be Protected When Adding Domain Names?
- Do I Have to Configure the Same Port as That of the Origin Server When Adding a Website to WAF?
- How Do I Configure Non-standard Ports When Adding a Protected Domain Name?
- What Can I Do If One of Ports on an Origin Server Does Not Require WAF Protection?
- What Data Is Required for Connecting a Domain Name/IP Address to WAF?
- How Do I Safely Delete a Protected Domain Name?
- How Long Will CNAME Records Be Retained After I Delete a Domain Name from WAF?
- Can I Change the Domain Name That Has Been Added to WAF?
- What Are the Precautions for Configuring Multiple Server Addresses for Backend Servers?
- Does WAF Support Wildcard Domain Names?
- Does WAF Protect Chinese Domain Names?
- How Do I Route Website Traffic to My Cloud WAF Instance?
- What Can I Do If the Message "Illegal server address" Is Displayed When I Add a Domain Name?
- Why Am I Seeing That My Domain Quota Is Insufficient When There Is Still Remaining Quota?
- Can I Configure Multiple Load Balancers for a Dedicated WAF Instance?
- Why Am I Seeing the "Someone else has already added this domain name. Please confirm that the domain name belongs to you" Error Message?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore