All Products
Search
Document Center

Web Application Firewall:Exclusive IP addresses

Last Updated:Sep 12, 2023

By default, a Web Application Firewall (WAF) instance uses a shared IP address to protect all domain names. If the traffic of this shared IP address is routed to a blackhole due to DDoS attacks on one of the domain names, the other domain names cannot be accessed. If you want to enable exclusive protection for a specific domain name, you can purchase an exclusive IP address. This topic describes how to purchase and use exclusive IP addresses.

Prerequisites

Your website is added to WAF in CNAME record mode.

Purchase and use an exclusive IP address

  1. Purchase an exclusive IP address by upgrading the WAF instance. For more information, see Upgrade.

  2. Log on to the WAF 3.0 console. In the top navigation bar, select the resource group and the region to which the WAF instance belongs. You can select Chinese Mainland or Outside Chinese Mainland for the region.

  3. Choose Asset Center > Website Access.

  4. On the Website Access page, find the domain name for which you want to enable an exclusive IP address. Set Protection Resource to Shared Cluster and Exclusive IP in the Quick Access column.

    After you enable an exclusive IP address for a domain name and the domain name is added to WAF in CNAME record mode, the CNAME of the domain name is automatically resolved to the exclusive IP address. You can ping the CNAME of the domain name to check whether the domain name is resolved to the required exclusive IP address.