Modifies the configurations of a domain name that is added to Web Application Firewall (WAF).
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
Action | String | Yes | ModifyDomain | The operation that you want to perform. Set the value to ModifyDomain. |
InstanceId | String | Yes | waf-cn-7pp26f1**** | The ID of the WAF instance. Note You can call the DescribeInstanceInfo operation to query the ID of the WAF instance. |
Domain | String | Yes | www.example.com | The domain name whose configurations you want to modify. Note You can call the DescribeDomainNames operation to query the domain names that are added to WAF. |
SourceIps | String | No | ["39.XX.XX.197"] | The IP address or domain name of the origin server. You can specify only one type of address.
Note You need to specify this parameter only if you set AccessType to waf-cloud-dns. |
LoadBalancing | Integer | No | 0 | The load balancing algorithm that you want WAF to use to forward requests to the origin server. Valid values:
Note You need to specify this parameter only if you set AccessType to waf-cloud-dns. |
HttpPort | String | No | [80] | The HTTP ports. Specify the value in the Note You need to specify this parameter only if you set AccessType to waf-cloud-dns. If you specify this parameter, your website uses HTTP. You must specify at least one of HttpPort and HttpsPort. |
HttpsPort | String | No | [443] | The HTTPS ports. Specify the value in the Note You need to specify this parameter only if you set AccessType to waf-cloud-dns. If you specify this parameter, your website uses HTTPS. You must specify at least one of HttpPort and HttpsPort. |
Http2Port | String | No | [443] | The HTTP/2 ports. Specify the value in the Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and specify HttpsPort. If you specify HttpsPort, your website uses HTTPS. |
HttpsRedirect | Integer | No | 0 | Specifies whether to enable HTTP to HTTPS redirection. If you enable HTTP to HTTPS redirection, HTTP requests are automatically redirected to HTTPS requests on port 443. Valid values:
Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and specify HttpsPort. If you specify HttpsPort, your website uses HTTPS. |
HttpToUserIp | Integer | No | 0 | Specifies whether to enable HTTPS to HTTP redirection for back-to-origin requests. If you enable HTTPS to HTTP redirection for back-to-origin requests, WAF uses HTTP to forward HTTPS requests to the origin server. By default, port 80 is used. Valid values:
Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and specify HttpsPort. If you specify HttpsPort, your website uses HTTPS. |
IsAccessProduct | Integer | Yes | 0 | Specifies whether a Layer 7 proxy, such as Anti-DDoS Proxy or Alibaba Cloud CDN, is deployed in front of WAF. A Layer 7 proxy is used to filter inbound traffic before the traffic reaches the WAF instance. Valid values:
|
AccessHeaderMode | Integer | No | 0 | The method that you want WAF to use to obtain the originating IP address of a client. Valid values:
Note You need to specify this parameter only if you set IsAccessProduct to 1. |
AccessHeaders | String | No | ["X-Client-IP"] | The custom header fields that are used to obtain the originating IP address of a client. Specify the value in the Note You need to specify this parameter only if you set AccessHeaderMode to 1. |
LogHeaders | String | No | [{"k":"ALIWAF-TAG","v":"Yes"}] | The key-value pairs that you want to use to label the requests that pass through the WAF instance. Specify the key-value pair in the WAF automatically adds the key-value pair to the headers of requests. This way, the requests that pass through WAF are identified. Note If requests contain the custom header field, WAF overwrites the original value of the field with the specified value. |
ClusterType | Integer | No | 0 | The type of WAF protection cluster. Valid values:
Note You need to specify this parameter only if you set AccessType to waf-cloud-dns. |
ConnectionTime | Integer | No | 5 | The timeout period for connections of WAF exclusive clusters. Unit: seconds. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and ClusterType to 1. |
ReadTime | Integer | No | 120 | The timeout period for read connections of WAF exclusive clusters. Unit: seconds. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and ClusterType to 1. |
WriteTime | Integer | No | 120 | The timeout period for write connections of WAF exclusive clusters. Unit: seconds. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and ClusterType to 1. |
AccessType | String | No | waf-cloud-dns | The mode in which you want to add the domain name to WAF. Valid values:
|
CloudNativeInstances | String | No | [{"ProtocolPortConfigs":[{"Ports":[80],"Protocol":"http"}],"RedirectionTypeName":"ALB","InstanceId":"alb-s65nua68wdedsp****","IPAddressList":["182.XX.XX.113"],"CloudNativeProductName":"ALB"}] | The list of server and port configurations for the transparent proxy mode. Set this parameter to a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields:
Note You need to specify this parameter only if you set AccessType to waf-cloud-native. |
IpFollowStatus | Integer | No | 0 | Specifies whether to enable the feature of forwarding requests to the origin servers that use the IP address type specified in the requests. If you enable the feature, WAF forwards requests from IPv4 addresses to origin servers that use IPv4 addresses and requests from IPv6 addresses to origin servers that use IPv6 addresses. Valid values:
Note You need to specify this parameter only if you set AccessType to waf-cloud-dns. |
SniStatus | Integer | No | 1 | Specifies whether to enable origin Server Name Indication (SNI). Origin SNI specifies the domain name to which an HTTPS connection must be established at the start of the TLS handshake process when WAF forwards requests to the origin server. If the origin server hosts multiple domain names, you must enable this feature. Valid values:
By default, origin SNI is disabled for WAF instances in the Chinese mainland and enabled for WAF instances outside the Chinese mainland. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and specify HttpsPort. If you specify HttpsPort, your website uses HTTPS. |
SniHost | String | No | waf.example.com | The value of the custom SNI field. If you do not specify this parameter, the Host field value in the request header is used. If you want WAF to use an SNI field value that is different from the value of the Host field in back-to-origin requests, you can specify a custom value for the SNI field. Note You need to specify this parameter only if you set SniStatus to 1. |
Retry | Boolean | No | true | Specifies whether WAF retries if WAF fails to forward requests to the origin server. Valid values:
|
Keepalive | Boolean | No | true | Specifies whether to enable the persistent connection feature. Valid values:
|
KeepaliveRequests | Integer | No | 1000 | The number of reused persistent connections. Valid values: 60 to 1000. Note The number of reused persistent connections after the persistent connection feature is enabled. |
KeepaliveTimeout | Integer | No | 60 | The timeout period for idle persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds. Note This parameter specifies the time for which a reused persistent connection can remain in the Idle state before the persistent connection is closed. |
ResourceGroupId | String | No | rg-atstuj3rtop**** | The ID of the resource group to which the WAF instance belongs in Resource Management. If you do not specify this parameter, the WAF instance belongs to the default resource group. |
RegionId | String | No | cn-hangzhou | The region in which the WAF instance is deployed. Valid values:
|
All Alibaba Cloud API requests must include common request parameters. For more information about common request parameters, see Common request parameters.
For information about sample requests, see the "Examples" section of this topic.
Response parameters
Parameter | Type | Example | Description |
RequestId | String | D7861F61-5B61-46CE-A47C-6B19****5EB0 | The ID of the request. |
Examples
Sample requests
http(s)://[Endpoint]/?Action=ModifyDomain
&InstanceId=waf-cn-7pp26f1****
&Domain=www.example.com
&IsAccessProduct=0
&HttpPort=[\"80\"]
&SourceIps=[\"39.XX.XX.197\"]
&<Common request parameters>
Sample success responses
XML
format
HTTP/1.1 200 OK
Content-Type:application/xml
<?xml version="1.0" encoding="UTF-8" ?>
<ModifyDomainResponse>
<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>
</ModifyDomainResponse>
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"RequestId" : "D7861F61-5B61-46CE-A47C-6B19160D5EB0"
}
Error codes
For a list of error codes, see Service error codes.