Queries the configurations of a domain name that is added to Web Application Firewall (WAF).

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates a sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeDomain

The operation that you want to perform. Set the value to DescribeDomain.

Domain String Yes www.example.com

The domain name that you want to query.

Note You can call the DescribeDomainNames operation to query the domain names that are added to WAF.
InstanceId String Yes waf-cn-7pp26f1****

The ID of the WAF instance.

Note You can call the DescribeInstanceInfo operation to query the ID of the WAF instance.

All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see Common parameters.

For more information about sample requests, see the "Examples" section of this topic.

Response parameters

Parameter Type Example Description
RequestId String D827FCFE-90A7-4330-9326-D33C8B4C7726

The ID of the request.

Domain Struct

The configuration information of the domain name.

AccessHeaderMode Integer 1

The method that WAF uses to obtain the actual IP address of a client. Valid values:

  • 0: WAF reads the first value of the X-Forwarded-For (XFF) header field as the actual IP address of the client.
  • 1: WAF reads the value of a custom header field as the actual IP address of the client.
Note This parameter is returned only when the IsAccessProduct parameter is set to 1. The value 1 indicates that a Layer 7 proxy is deployed in front of WAF.
AccessHeaders List ["X-Client-IP"]

The custom header field that is used to obtain the actual IP address of a client.

Note This parameter is returned only when the AccessHeaderMode parameter is set to 1. The value 1 indicates that WAF reads the value of the custom header field as the actual IP address of a client.
AccessType String waf-cloud-dns

The mode that is used to add the domain name. Valid values:

  • waf-cloud-dns: CNAME record mode.
  • waf-cloud-native: transparent proxy mode.
CloudNativeInstances Array of CloudNativeInstances

The list of configurations that are added in transparent proxy mode.

Note This parameter is returned only when the AccessType parameter is set to waf-cloud-native.
CloudNativeProductName String ALB

The type of cloud service instance. Valid values:

  • SLB: indicates a Classic Load Balancer (CLB) instance, originally called a Server Load Balancer (SLB) instance.
  • ECS: indicates an Elastic Compute Service (ECS) instance.
  • ALB: indicates an Application Load Balancer (ALB) instance.
IPAddressList String ["39.XX.XX.197"]

The list of public IP addresses of the cloud service instances.

InstanceId String alb-s65nua68wdedsp****

The ID of the cloud service instance.

ProtocolPortConfigs Array of ProtocolPortConfigs

The list of protocol and port configurations.

Ports String [80]

The list of ports.

Protocol String http

The protocol. Valid values:

  • http: HTTP
  • https: HTTPS
RedirectionTypeName String ALB

The type of traffic redirection port. Valid values:

  • SLB-L4: indicates that traffic on the Layer 4 listening ports of SLB instances is redirected to WAF.
  • SLB-L7: indicates that traffic on the Layer 7 listening ports of SLB instances is redirected to WAF.
  • ECS: indicates that traffic on the listening ports of ECS instances is redirected to WAF.
  • ALB: indicates that traffic on the HTTP and HTTPS listening ports of ALB instances is redirected to WAF.
ClusterType Integer 0

The type of WAF protection cluster. Valid values:

  • 0: shared cluster
  • 1: exclusive cluster
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
Cname String kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com

The CNAME assigned by WAF.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
ConnectionTime Integer 5

The timeout period for connections of WAF clusters. Unit: seconds.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
Http2Port List [443,8443]

The list of HTTP/2 ports.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns and the HttpsPort parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.
HttpPort List [80]

The list of HTTP ports.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
HttpToUserIp Integer 0

Indicates whether Enable HTTP is turned on. Valid values:

  • 0: Enable HTTP is turned off.
  • 1: Enable HTTP is turned on.
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns and the HttpsPort parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.
HttpsPort List [443,8443]

The list of HTTPS ports.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
HttpsRedirect Integer 0

Indicates whether Enable HTTPS Routing is turned on. Valid values:

  • 0: Enable HTTPS Routing is turned off.
  • 1: Enable HTTPS Routing is turned on.
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns and the HttpsPort parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.
IpFollowStatus Integer 1

Indicates whether WAF forwards requests to the origin server by using the same IP address type, IPv4 or IPv6, as specified in the requests. Valid values:

  • 0: WAF forwards requests to the origin server, regardless of the IP address type, IPv4 or IPv6, specified in the requests.
  • 1: WAF forwards requests to the origin server by using the same IP address type, IPv4 or IPv6, as specified in the requests.
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
IsAccessProduct Integer 1

Indicates whether a Layer 7 proxy is configured, which is used to filter inbound traffic before the traffic is sent to the WAF instance. The supported Layer 7 proxies include Anti-DDoS Pro, Anti-DDoS Premium, and Alibaba Cloud CDN. Valid values:

  • 0: A Layer 7 proxy is not configured.
  • 1: A Layer 7 proxy is configured.
LoadBalancing Integer 2

The load balancing algorithm that is used when WAF forwards requests to the origin server. Valid values:

  • 0: IP hash
  • 1: Round-robin
  • 2: least time
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
LogHeaders Array of LogHeader

The key-value pair that is used to mark the requests that pass through the WAF instance.

Note This parameter is returned only when the traffic marking feature is enabled for the domain name.
k String ALIWAF-TAG

The name of the custom header field.

v String Yes

The value of the custom header field.

ReadTime Integer 120

The timeout period for read connections of WAF exclusive clusters. Unit: seconds.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
ResourceGroupId String rg-acfm2mkrunv****

The ID of the resource group to which the WAF instance belongs.

SourceIps List ["39.XX.XX.197"]

The IP address of the origin server.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
Version Long 40

The version of the domain name configuration.

WriteTime Integer 120

The timeout period for write connections of WAF exclusive clusters. Unit: seconds.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeDomain
&Domain=www.example.com
&InstanceId=waf-cn-7pp26f1****
&<common request parameters>

Sample success responses

XML format

<DescribeDomainResponse>
      <RequestId>D827FCFE-90A7-4330-9326-D33C8B4C7726</RequestId>
      <Domain>
            <HttpToUserIp>0</HttpToUserIp>
            <HttpPort>80</HttpPort>
            <IsAccessProduct>1</IsAccessProduct>
            <AccessHeaderMode>1</AccessHeaderMode>
            <ResourceGroupId>rg-acfm2mkrunv****</ResourceGroupId>
            <AccessHeaders>X-Client-IP</AccessHeaders>
            <ReadTime>120</ReadTime>
            <SourceIps>39.XX.XX.197</SourceIps>
            <IpFollowStatus>1</IpFollowStatus>
            <ClusterType>0</ClusterType>
            <LoadBalancing>2</LoadBalancing>
            <Cname>kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com</Cname>
            <LogHeaders>
                  <v>Yes</v>
                  <k>ALIWAF-TAG</k>
            </LogHeaders>
            <WriteTime>120</WriteTime>
            <Http2Port>443</Http2Port>
            <Http2Port>8443</Http2Port>
            <Version>40</Version>
            <HttpsRedirect>0</HttpsRedirect>
            <ConnectionTime>5</ConnectionTime>
            <AccessType>waf-cloud-dns</AccessType>
            <HttpsPort>443</HttpsPort>
            <HttpsPort>8443</HttpsPort>
      </Domain>
</DescribeDomainResponse>

JSON format

{
  "RequestId": "D827FCFE-90A7-4330-9326-D33C8B4C7726",
  "Domain": {
    "HttpToUserIp": 0,
    "HttpPort": [
      80
    ],
    "IsAccessProduct": 1,
    "AccessHeaderMode": 1,
    "ResourceGroupId": "rg-acfm2mkrunv****",
    "AccessHeaders": [
      "X-Client-IP"
    ],
    "ReadTime": 120,
    "SourceIps": [
      "39.XX.XX.197"
    ],
    "IpFollowStatus": 1,
    "ClusterType": 0,
    "LoadBalancing": 2,
    "Cname": "kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com",
    "LogHeaders": [
      {
        "v": "Yes",
        "k": "ALIWAF-TAG"
      }
    ],
    "WriteTime": 120,
    "Http2Port": [
      443,
      8443
    ],
    "Version": 40,
    "HttpsRedirect": 0,
    "ConnectionTime": 5,
    "AccessType": "waf-cloud-dns",
    "HttpsPort": [
      443,
      8443
    ]
  }
}

Error codes

For a list of error codes, visit the API Error Center.