How to verify the ownership of a domain name that you want to add to Alibaba Cloud CDN - Edge Security Acceleration

The first time you add a domain name to the Dynamic Content Delivery Network (DCDN) console, the system verifies the ownership of the domain name. After the domain passes the verification, its subdomains do not require separate ownership verification.

Method 1: (Recommended) Use a DNS record to verify the ownership

The domain name image.example.com is used as an example to show how to verify the ownership of a domain name by adding a DNS record.

On the verification page, click the Method 1: DNS Settings tab to obtain the values of the Host and Value parameters.
Important
Do not close the verification page before the verification is complete. In specific cases, DNS record verification may fail. If DNS record verification fails, you can use Method 2: Upload a verification file to verify the ownership.
Add a TXT record in the system of your DNS service provider.
The following example shows how to add a TXT record to the DNS settings at Alibaba Cloud DNS. You can use similar methods to add TXT records to the systems of other DNS providers, such as Tencent Cloud and Xinnet.
1. Log on to the Alibaba Cloud DNS console.
2. On the Domain Name Resolution page, find the root domain example.com and click DNS Settings in the Actions column.
3. Click Add DNS Record, set the Record Type parameter to TXT, set the Hostname and Record Value parameters to the values that are obtained in Step 1, and then use the default values for other parameters.
4. Click OK.
After the TXT record takes effect, log on to the DCDN console and click Verify.
If a message indicating that the domain name fails the verification appears, check whether the TXT record is correct. Wait for the TXT record to take effect and try again.
The accelerated domain name image.example.com is used in the following examples to check whether the TXT record is correct.
Note
- If you add a TXT record, the TXT record immediately takes effect. If you modify a TXT record, the amount of time that is required for the updates to take effect is based on the TTL. The default TTL is 10 minutes.
- If nslookup is not installed on Linux, you can run the yum install bind-utils command on CentOS or the apt-get install dnsutils command on Ubuntu to install nslookup.
Windows
Open Command Prompt in Windows, and then run the nslookup -type=TXT verification.example.com command. You can check whether the TXT record is correct based on the output.
Linux
Run the nslookup -type=TXT verification.example.com command. You can check whether the TXT record is correct based on the output.

Method 2: Upload a verification file to verify the ownership

On the verification page, click the Method 2: Verification File tab.
Important
Do not close the verification page before the verification is complete.
Click verification.html to download the verification file.
Upload the verification file to the root directory on the server of the root domain name. The server can be an Elastic Compute Service (ECS) instance, an Object Storage Service (OSS) bucket, a Cloud Virtual Machine (CVM) instance, a Cloud Object Storage (COS) instance, or an Elastic Compute Cloud (EC2) instance. For example, if the domain name is image.example.com, you need to upload the file to the root directory of example.com.
After you make sure that the verification file is accessible from http://example.com/verification.html, click Verify.
DCDN accesses http://example.com/verification.html on your server for verification.
- If the record value in the file is the same as the record value in the verification file, the verification is successful.
- Otherwise, the verification fails. Make sure that the preceding URL is accessible and the file that you uploaded is valid.

FAQ

The following questions may arise the first time a domain name is added to Alibaba Cloud CDN:

Q: Why does the system verify the ownership of domain names?
A: Ownership verification ensures that domain names are added only by their owners. If a domain name that belongs to User A is added by User B, security issues may arise.
Q: If I have multiple Alibaba Cloud accounts and this is the first time that I add a domain name to Alibaba Cloud, does the system verify the ownership of the domain name for each account?
A: Yes. Each Alibaba Cloud account is identified as an independent user. The first time you add a domain name, the system verifies the ownership of the domain name for each account (user).
Q: If a domain name passes ownership verification after I add a DNS record or upload a verification file, can I delete the record or file?
A: Yes. The required DNS record or file is used only for ownership verification. After the domain name passes ownership verification, you can delete the record or the file.
Q: Do I need to prove the ownership of a domain name that has been added to DCDN?
No. For example, you have added the domain name example.aliyundoc.com to DCDN and the CNAME that is assigned to the domain name works as expected. In this case, you are deemed as the owner of the domain name aliyundoc.com. When you add subdomains of aliyundoc.com, such as **.aliyundoc.com or ***.aliyundoc.com, ownership verification is not required.
Q: If I call the AddDcdnDomain operation to add a domain name, do I need to prove the ownership of the domain name?
A: Yes. You need to first add a DNS record or upload a verification file to the root directory on the origin server of the domain name that you want to add. Then, call the AddDcdnDomain operation to add the domain name.
Q: What do I do if I cannot prove the ownership of my domain name by adding a DNS record or uploading a verification file?
A: You can submit a ticket to explain the reason why you cannot complete ownership verification and provide information that can prove that you own the domain name for manual review.

Method 1: (Recommended) Use a DNS record to verify the ownership

Windows

Linux

Method 2: Upload a verification file to verify the ownership

FAQ