ModifyDomain - Web Application Firewall

Modifies the configurations of a domain name that is added to Web Application Firewall (WAF).

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter	Type	Required	Example	Description
Action	String	Yes	ModifyDomain	The operation that you want to perform. Set the value to ModifyDomain.
InstanceId	String	Yes	waf-cn-7pp26f1****	The ID of the WAF instance. Note You can call the DescribeInstanceInfo operation to query the ID of the WAF instance.
Domain	String	Yes	www.example.com	The domain name whose configurations you want to modify. Note You can call the DescribeDomainNames operation to query the domain names that are added to WAF.
SourceIps	String	No	["39.XX.XX.197"]	The IP address or domain name of the origin server. You can specify only one type of address. If you use the IP address type, specify the value in the `["ip1","ip2",...]` format. You can specify up to 20 IP addresses. If you use the domain name type, specify the value in the `["domain"]` format. You can enter only one domain name. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns.
LoadBalancing	Integer	No	0	The load balancing algorithm that you want WAF to use to forward requests to the origin server. Valid values: 0: IP hash. 1: round-robin. 2: least time. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns.
HttpPort	String	No	[80]	The HTTP ports. Specify the value in the `["port1","port2",...]` format. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns. If you specify this parameter, your website uses HTTP. You must specify at least one of HttpPort and HttpsPort.
HttpsPort	String	No	[443]	The HTTPS ports. Specify the value in the `["port1","port2",...]` format. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns. If you specify this parameter, your website uses HTTPS. You must specify at least one of HttpPort and HttpsPort.
Http2Port	String	No	[443]	The HTTP/2 ports. Specify the value in the `["port1","port2",...]` format. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and specify HttpsPort. If you specify HttpsPort, your website uses HTTPS.
HttpsRedirect	Integer	No	0	Specifies whether to enable HTTP to HTTPS redirection. If you enable HTTP to HTTPS redirection, HTTP requests are automatically redirected to HTTPS requests on port 443. Valid values: 0 (default): disables HTTP to HTTPS redirection. 1: enables HTTP to HTTPS redirection. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and specify HttpsPort. If you specify HttpsPort, your website uses HTTPS.
HttpToUserIp	Integer	No	0	Specifies whether to enable HTTPS to HTTP redirection for back-to-origin requests. If you enable HTTPS to HTTP redirection for back-to-origin requests, WAF uses HTTP to forward HTTPS requests to the origin server. By default, port 80 is used. Valid values: 0 (default): disables HTTPS to HTTP redirection for back-to-origin requests. 1: enables HTTPS to HTTP redirection for back-to-origin requests. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and specify HttpsPort. If you specify HttpsPort, your website uses HTTPS.
IsAccessProduct	Integer	Yes	0	Specifies whether a Layer 7 proxy, such as Anti-DDoS Proxy or Alibaba Cloud CDN, is deployed in front of WAF. A Layer 7 proxy is used to filter inbound traffic before the traffic reaches the WAF instance. Valid values: 0: no. 1: yes.
AccessHeaderMode	Integer	No	0	The method that you want WAF to use to obtain the originating IP address of a client. Valid values: 0 (default): WAF reads the first value of the X-Forwarded-For (XFF) header field as the originating IP address of the client. 1: WAF reads the value of a custom header field as the originating IP address of the client. Note You need to specify this parameter only if you set IsAccessProduct to 1.
AccessHeaders	String	No	["X-Client-IP"]	The custom header fields that are used to obtain the originating IP address of a client. Specify the value in the `["header1","header2",...]` format. Note You need to specify this parameter only if you set AccessHeaderMode to 1.
LogHeaders	String	No	[{"k":"ALIWAF-TAG","v":"Yes"}]	The key-value pairs that you want to use to label the requests that pass through the WAF instance. Specify the key-value pair in the `[{"k":"_key_","v":"_value_"}]` format. `_key_` specifies a header field in a custom request. `_value_` specifies the value of the field. WAF automatically adds the key-value pair to the headers of requests. This way, the requests that pass through WAF are identified. Note If requests contain the custom header field, WAF overwrites the original value of the field with the specified value.
ClusterType	Integer	No	0	The type of WAF protection cluster. Valid values: 0 (default): shared cluster. 1: exclusive cluster. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns.
ConnectionTime	Integer	No	5	The timeout period for connections of WAF exclusive clusters. Unit: seconds. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and ClusterType to 1.
ReadTime	Integer	No	120	The timeout period for read connections of WAF exclusive clusters. Unit: seconds. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and ClusterType to 1.
WriteTime	Integer	No	120	The timeout period for write connections of WAF exclusive clusters. Unit: seconds. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and ClusterType to 1.
AccessType	String	No	waf-cloud-dns	The mode in which you want to add the domain name to WAF. Valid values: waf-cloud-dns (default): CNAME record mode. waf-cloud-native: transparent proxy mode.
CloudNativeInstances	String	No	[{"ProtocolPortConfigs":[{"Ports":[80],"Protocol":"http"}],"RedirectionTypeName":"ALB","InstanceId":"alb-s65nua68wdedsp****","IPAddressList":["182.XX.XX.113"],"CloudNativeProductName":"ALB"}]	The list of server and port configurations for the transparent proxy mode. Set this parameter to a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields: ProtocolPortConfigs: the list of protocol and port configurations. This field is required. Data type: array. Each element in a JSON array is a JSON struct that contains the following fields: Ports: the list of ports. This field is required. Data type: array. Specify the value in the `[port1,port2,……]` format. Protocol: the protocol. This field is required. Data type: string. Valid values: http and https. CloudNativeProductName: the type of the cloud service instance. This field is required. Data type: string. Valid values: ECS, SLB, and ALB. RedirectionTypeName: the type of traffic redirection port. This field is required. Data type: string. Valid values: ECS, SLB-L4, SLB-L7, and ALB. InstanceId: the ID of the cloud service instance. This field is required. Data type: string. IPAddressList: the list of public IP addresses of the cloud service instance. This field is required. Data type: array. Specify the value in the `["ip1","ip2",...]` format. Note You need to specify this parameter only if you set AccessType to waf-cloud-native.
IpFollowStatus	Integer	No	0	Specifies whether to enable the feature of forwarding requests to the origin servers that use the IP address type specified in the requests. If you enable the feature, WAF forwards requests from IPv4 addresses to origin servers that use IPv4 addresses and requests from IPv6 addresses to origin servers that use IPv6 addresses. Valid values: 0 (default): disables the feature. 1: enables the feature. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns.
SniStatus	Integer	No	1	Specifies whether to enable origin Server Name Indication (SNI). Origin SNI specifies the domain name to which an HTTPS connection must be established at the start of the TLS handshake process when WAF forwards requests to the origin server. If the origin server hosts multiple domain names, you must enable this feature. Valid values: 0: disables origin SNI. 1: enables origin SNI. By default, origin SNI is disabled for WAF instances in the Chinese mainland and enabled for WAF instances outside the Chinese mainland. Note You need to specify this parameter only if you set AccessType to waf-cloud-dns and specify HttpsPort. If you specify HttpsPort, your website uses HTTPS.
SniHost	String	No	waf.example.com	The value of the custom SNI field. If you do not specify this parameter, the Host field value in the request header is used. If you want WAF to use an SNI field value that is different from the value of the Host field in back-to-origin requests, you can specify a custom value for the SNI field. Note You need to specify this parameter only if you set SniStatus to 1.
Retry	Boolean	No	true	Specifies whether WAF retries if WAF fails to forward requests to the origin server. Valid values: true (default) false
Keepalive	Boolean	No	true	Specifies whether to enable the persistent connection feature. Valid values: true (default) false
KeepaliveRequests	Integer	No	1000	The number of reused persistent connections. Valid values: 60 to 1000. Note The number of reused persistent connections after the persistent connection feature is enabled.
KeepaliveTimeout	Integer	No	60	The timeout period for idle persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds. Note This parameter specifies the time for which a reused persistent connection can remain in the Idle state before the persistent connection is closed.
ResourceGroupId	String	No	rg-atstuj3rtop****	The ID of the resource group to which the WAF instance belongs in Resource Management. If you do not specify this parameter, the WAF instance belongs to the default resource group.
RegionId	String	No	cn-hangzhou	The region in which the WAF instance is deployed. Valid values: cn-hangzhou: Chinese mainland. ap-southeast-1: outside the Chinese mainland.

All Alibaba Cloud API requests must include common request parameters. For more information about common request parameters, see Common request parameters.

For information about sample requests, see the "Examples" section of this topic.

Response parameters

Parameter	Type	Example	Description
RequestId	String	D7861F61-5B61-46CE-A47C-6B19****5EB0	The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=ModifyDomain
&InstanceId=waf-cn-7pp26f1****
&Domain=www.example.com
&IsAccessProduct=0
&HttpPort=[\"80\"]
&SourceIps=[\"39.XX.XX.197\"]
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<?xml version="1.0" encoding="UTF-8" ?>
<ModifyDomainResponse>
	<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>
</ModifyDomainResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "D7861F61-5B61-46CE-A47C-6B19160D5EB0"
}

Error codes

For a list of error codes, see Service error codes.