Web Application Firewall (WAF) provides a shared IP address by default for multiple domain names. If a DDoS attack on one domain name causes the shared IP address to be blackholed, the other domain names become inaccessible. To enable exclusive protection for a specific domain name, you can purchase an exclusive IP address. This topic describes how to purchase and use exclusive IP addresses.
Prerequisites
The website is accessed via a CNAME record.
Purchase and use a domain name-exclusive resource plan
Purchase an additional domain name-exclusive resource plan by upgrading your WAF instance. For more information about how to upgrade an instance, see Renewal policy.
Log on to the WAF console. In the top navigation bar, select the resource group and the region (Chinese Mainland or Outside Chinese Mainland) of the WAF instance.
In the navigation pane on the left, choose .
On the Website Access page, find the domain name for which you want to enable an exclusive IP address, and then in the Quick Access column, set Protection Resource to Shared Cluster and Exclusive IP Address.
After you enable the exclusive IP address, the CNAME record for the domain name is automatically updated to resolve to the new exclusive IP address. You can ping the CNAME record for the domain name to confirm that it resolves to the new WAF IP address.
ImportantIf the domain name is resolved using an A record instead of a CNAME record, the DNS resolution cannot be automatically switched. Your service traffic may be interrupted when you enable or disable the exclusive IP address.