All Products
Search
Document Center

Web Application Firewall:DescribeDomainDetail

Last Updated:Nov 15, 2024

Queries the details of a domain name that is added to Web Application Firewall (WAF).

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
yundun-waf:DescribeDomainDetailget
*All Resources
*
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
InstanceIdstringYes

The ID of the WAF instance.

Note You can call the DescribeInstance operation to obtain the ID of the WAF instance.
waf_cdnsdf3****
DomainstringYes

The domain name that you want to query.

www.aliyundoc.com
RegionIdstringNo

The region where the WAF instance resides. Valid values:

  • cn-hangzhou: the Chinese mainland.
  • ap-southeast-1: outside the Chinese mainland.
cn-hangzhou

Response parameters

ParameterTypeDescriptionExample
object

The response parameters.

RequestIdstring

The ID of the request.

BAEF9CA9-66A0-533E-BD09-5D5D7AA8****
Domainstring

The domain name.

www.aliyundoc.com
Statuslong

The status of the domain name. Valid values:

  • 1: The domain name is in a normal state.
  • 2: The domain name is being created.
  • 3: The domain name is being modified.
  • 4: The domain name is being released.
  • 5: WAF no longer forwards traffic of the domain name.
1
Cnamestring

The CNAME that is assigned by WAF to the domain name.

xxxxxcvdaf.****.com
Listenobject

The configurations of the listeners.

HttpPortsarray

An array of HTTP listener ports.

httpPortlong

The HTTP listener port.

80
HttpsPortsarray

An array of HTTPS listener ports.

httpsPortlong

The HTTPS listener port.

443
Http2Enabledboolean

Indicates whether HTTP/2 is enabled. Valid values:

  • true: HTTP/2 is enabled.
  • false: HTTP/2 is disabled.
true
CertIdlong

The ID of the certificate.

123
TLSVersionstring

The version of the Transport Layer Security (TLS) protocol. Valid values:

  • tlsv1
  • tlsv1.1
  • tlsv1.2
tlsv1.2
EnableTLSv3boolean

Indicates whether TLS 1.3 is supported. Valid values:

  • true: TLS 1.3 is supported.
  • false: TLS 1.3 is not supported.
true
CipherSuitelong

The type of the cipher suites. Valid values:

  • 1: all cipher suites.
  • 2: strong cipher suites.
  • 99: custom cipher suites.
2
CustomCiphersarray

An array of custom cipher suites.

customCipherstring

The custom cipher suite.

xxx
FocusHttpsboolean

Indicates whether HTTP to HTTPS redirection is enabled for the domain name. Valid values:

  • true: HTTP to HTTPS redirection is enabled.
  • false: HTTP to HTTPS redirection is disabled.
true
SM2Enabledboolean

Indicates whether SM certificate-based verification is enabled. Valid values:

  • true
  • false
true
SM2CertIdboolean

The ID of the SM certificate that is added. This parameter is returned only if the value of SM2Enabled is true.

123-cn-hangzhou
SM2AccessOnlyboolean

Indicates whether only SM certificate-based clients can access the domain name. This parameter is returned only if the value of SM2Enabled is true. Valid values:

  • true
  • false
true
XffHeaderModelong

The method that WAF uses to obtain the actual IP address of a client. Valid values:

  • 0: No Layer 7 proxies are deployed in front of WAF.
  • 1: WAF reads the first value of the X-Forwarded-For (XFF) header field as the actual IP address of the client.
  • 2: WAF reads the value of a custom header field as the actual IP address of the client.
2
XffHeadersarray

An array of custom header fields that are used to obtain the actual IP address of a client.

xffHeaderstring

The custom header field that is used to obtain the actual IP address of a client.

Client-ip
IPv6Enabledboolean

Indicates whether IPv6 is enabled. Valid values:

  • true: IPv6 is enabled.
  • false: IPv6 is disabled.
true
ProtectionResourcestring

The type of protection resource that is used. Valid values:

  • share: shared cluster.
  • gslb: shared cluster-based intelligent load balancing.
share
ExclusiveIpboolean

Indicates whether an exclusive IP address is enabled. Valid values:

  • true: An exclusive IP address is enabled for the domain name.
  • false: No exclusive IP addresses are enabled for the domain name.
true
Redirectobject

The configurations of the forwarding rule.

Backendsarray<object>

An array of addresses of origin servers.

backendobject

The IP addresses or domain names of origin servers.

Backendstring

The IP address or domain name of the origin server.

1.1.XX.XX
Loadbalancestring

The load balancing algorithm that is used when WAF forwards requests to the origin server. Valid values:

  • ip_hash: the IP hash algorithm.
  • roundRobin: the round-robin algorithm.
  • leastTime: the least response time algorithm.
iphash
FocusHttpBackendboolean

Indicates whether HTTPS to HTTP redirection is enabled for back-to-origin requests of the domain name. Valid values:

  • true: HTTPS to HTTP redirection for back-to-origin requests of the domain name is enabled.
  • false: HTTPS to HTTP redirection for back-to-origin requests of the domain name is disabled.
true
SniEnabledboolean

Indicates whether origin Server Name Indication (SNI) is enabled. Valid values:

  • true: Origin SNI is enabled.
  • false: Origin SNI is disabled. This is the default value.
true
SniHoststring

The value of the custom SNI field.

www.aliyundoc.com
RequestHeadersarray<object>

An array of key-value pairs that are used to mark the requests that pass through the WAF instance.

RequestHeaderobject

The key-value pair that is used to mark the requests that pass through the WAF instance.

Keystring

The custom header field.

aaa
Valuestring

The value of the custom header field.

bbb
ConnectTimeoutinteger

The timeout period of the connection. Unit: seconds. Valid values: 5 to 120.

120
WriteTimeoutinteger

The write timeout period. Unit: seconds. Valid values: 5 to 1800.

200
ReadTimeoutinteger

The read timeout period. Unit: seconds. Valid values: 5 to 1800.

200
Keepaliveboolean

Indicates whether the persistent connection feature is enabled. Valid values:

  • true: The persistent connection feature is enabled. This is the default value.
  • false: The persistent connection feature is disabled.
true
Retryboolean

Indicates whether WAF retries when requests fail to be forwarded to the origin server. Valid values:

  • true: WAF retries. This is the default value.
  • false: WAF does not retry.
true
KeepaliveRequestsinteger

The number of reused persistent connections. Valid values: 60 to 1000.

Note This parameter specifies the number of reused persistent connections when you enable the persistent connection feature.
1000
KeepaliveTimeoutinteger

The timeout period of persistent connections that are in the Idle state. Valid values: 1 to 60. Default value: 15. Unit: seconds.

Note This parameter specifies the period of time during which a reused persistent connection is allowed to remain in the Idle state before the persistent connection is released.
15
XffProtoboolean

Indicates whether the X-Forward-For-Proto header is used to identify the protocol used by WAF to forward requests to the origin server. Valid values:

  • true (default)
  • false
true
ResourceManagerResourceGroupIdstring

The ID of the resource group.

rg-acfm***q
CertDetailobject

The details of the SSL certificate.

Namestring

The name of the SSL certificate.

test-cert-name
Idstring

The ID of the SSL certificate.

123-cn-hangzhou
StartTimelong

The beginning of the validity period of the SSL certificate. The value is in the UNIX timestamp format. Unit: milliseconds.

1677772800000
EndTimelong

The end of the validity period of the SSL certificate. The value is in the UNIX timestamp format. Unit: milliseconds.

1685590400000
CommonNamestring

The domain name of your website.

test.aliyundoc.com
Sansarray

All domain names that are bound to the certificate.

Sansstring

All domain names that are bound to the certificate.

www.aliyundoc.com
SM2CertDetailobject

The information about the SM certificate.

Namestring

The name of the SSL certificate.

test-sm2-cert-name
Idstring

The ID of the SSL certificate.

123-cn-hangzhou
StartTimelong

The beginning of the validity period of the SSL certificate. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.

1657551525000
EndTimelong

The end of the validity period of the SSL certificate. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.

1665590400000
CommonNamestring

The domain name of your website.

test.aliyundoc.com
Sansarray

All domain names that are bound to the certificate.

Sansstring

All domain names that are bound to the certificate.

www.aliyundoc.com

Examples

Sample success responses

JSONformat

{
  "RequestId": "BAEF9CA9-66A0-533E-BD09-5D5D7AA8****",
  "Domain": "www.aliyundoc.com",
  "Status": 1,
  "Cname": "xxxxxcvdaf.****.com",
  "Listen": {
    "HttpPorts": [
      80
    ],
    "HttpsPorts": [
      443
    ],
    "Http2Enabled": true,
    "CertId": 123,
    "TLSVersion": "tlsv1.2",
    "EnableTLSv3": true,
    "CipherSuite": 2,
    "CustomCiphers": [
      "xxx"
    ],
    "FocusHttps": true,
    "SM2Enabled": true,
    "SM2CertId": true,
    "SM2AccessOnly": true,
    "XffHeaderMode": 2,
    "XffHeaders": [
      "Client-ip"
    ],
    "IPv6Enabled": true,
    "ProtectionResource": "share",
    "ExclusiveIp": true
  },
  "Redirect": {
    "Backends": [
      {
        "Backend": "1.1.XX.XX"
      }
    ],
    "Loadbalance": "iphash",
    "FocusHttpBackend": true,
    "SniEnabled": true,
    "SniHost": "www.aliyundoc.com",
    "RequestHeaders": [
      {
        "Key": "aaa",
        "Value": "bbb"
      }
    ],
    "ConnectTimeout": 120,
    "WriteTimeout": 200,
    "ReadTimeout": 200,
    "Keepalive": true,
    "Retry": true,
    "KeepaliveRequests": 1000,
    "KeepaliveTimeout": 15,
    "XffProto": true
  },
  "ResourceManagerResourceGroupId": "rg-acfm***q",
  "CertDetail": {
    "Name": "test-cert-name",
    "Id": "123-cn-hangzhou",
    "StartTime": 1677772800000,
    "EndTime": 1685590400000,
    "CommonName": "test.aliyundoc.com",
    "Sans": [
      "www.aliyundoc.com"
    ]
  },
  "SM2CertDetail": {
    "Name": "test-sm2-cert-name",
    "Id": "123-cn-hangzhou",
    "StartTime": 1657551525000,
    "EndTime": 1665590400000,
    "CommonName": "test.aliyundoc.com\n",
    "Sans": [
      "www.aliyundoc.com\n"
    ]
  }
}

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-06-06The response structure of the API has changedView Change Details
2024-01-30The response structure of the API has changedView Change Details
2023-04-27The response structure of the API has changedView Change Details
2023-04-18The response structure of the API has changedView Change Details