All Products
Search

This Product

    Anti-DDoS:ConfigL7RsPolicy

    Document Center

    Anti-DDoS:ConfigL7RsPolicy

    Last Updated:Feb 25, 2026

    Configures a back-to-origin policy for the forwarding rule of a website.

    Operation description

    If multiple origin servers are configured for a website that is added to Anti-DDoS Pro or Anti-DDoS Premium, you can modify the load balancing algorithms for back-to-origin traffic based on back-to-origin policies. The IP hash algorithm is used by default. You can change the algorithm to the round-robin or least response time algorithm. For more information, see the description of the Policy parameter in the "Request parameters" section of this topic.

    Try it now

    Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

    Test

    RAM authorization

    No authorization for this operation. If you encounter issues with this operation, contact technical support.

    Request parameters

    Parameter

    Type

    Required

    Description

    Example
    ResourceGroupId

    string

    No

    The ID of the resource group to which the instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group.

    For more information about resource groups, see Create a resource group.

    rg-acfm2pz25js****
    Domain

    string

    Yes

    The domain name of the website.

    Note

    A forwarding rule must be configured for the domain name. You can call the DescribeDomains operation to query the domain names for which forwarding rules are configured.

    www.aliyun.com
    Policy

    string

    Yes

    The back-to-origin policy. The value is a string that consists of a JSON struct. The JSON struct contains the following fields:

    • ProxyMode: The load balancing algorithm for back-to-origin traffic. This field is required and must be a string. Valid values:

      • ip_hash: the IP hash algorithm. This algorithm is used to redirect requests from the same IP address to the same origin server.

      • rr: the round-robin algorithm. This algorithm is used to redirect requests to origin servers in turn. If you use this algorithm, you can specify a weight for each server based on server performance.

      • least_time: the least response time algorithm. This algorithm is used to minimize the latency when requests are forwarded from the instance to origin servers based on the intelligent DNS resolution feature.

    • Attributes: the parameters for back-to-origin processing. This field is optional and must be a JSON array. Each element in the array contains the following fields:

      • RealServer: the address of the origin server. This field is optional and must be a string.

      • Attribute: the parameter for back-to-origin processing. This field is optional and must be a JSON object. Valid values:

        • Weight: the weight of the server. This field is optional and must be an integer. This field takes effect only when ProxyMode is set to rr. Valid values: 1 to 100. Default value: 100. An origin server with a higher weight receives more requests.

        • ConnectTimeout: the timeout period for new connections. This field is optional and must be an integer. Valid values: 1 to 10. Unit: seconds. Default value: 5.

        • FailTimeout: the period after which a connection is considered to have failed. This field is optional and must be an integer. Valid values: 1 to 3600. Unit: seconds. Default value: 10.

        • MaxFails: the maximum number of failures allowed. This field is related to health checks. This field is optional and must be an integer. Valid values: 1 to 10. Unit: seconds. Default value: 3.

        • Mode: the primary/secondary attribute flag. This parameter is optional and must be a string. Valid values: active (primary) and backup (secondary).

        • ReadTimeout: the read timeout period. This field is optional and must be an integer. Valid values: 10 to 300. Unit: seconds. Default value: 120.

        • SendTimeout: the write timeout period. This field is optional and must be an integer. Valid values: 10 to 300. Unit: seconds. Default value: 120.

    {"ProxyMode":"rr","Attributes":[{"RealServer":"1.***.***.1","Attribute":{"Weight":100,"ConnectTimeout":5,"FailTimeout":10,"MaxFails":3,"Mode":"active","ReadTimeout":120,"SendTimeout":120}},{"RealServer":"2.***.***.2","Attribute":{"Weight":100,"ConnectTimeout":5,"FailTimeout":10,"MaxFails":3,"Mode":"active","ReadTimeout":120,"SendTimeout":120}}]}
    UpstreamRetry

    integer

    No

    The retry switch. Valid values:

    • 1: on

    • 0: off

    1

    Response elements

    Element

    Type

    Description

    Example

    object

    RequestId

    string

    The ID of the request.

    0bcf28g5-d57c-11e7-9bs0-d89d6717dxbc

    Examples

    Success response

    JSON format

    {
  "RequestId": "0bcf28g5-d57c-11e7-9bs0-d89d6717dxbc"
}

    Error codes

    See Error Codes for a complete list.

    Release notes

    See Release Notes for a complete list.