Queries the configurations of a domain name that is added to Web Application Firewall (WAF).

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeDomain

The operation that you want to perform. Set this parameter to DescribeDomain.

Domain String Yes www.example.com

The domain name that you want to query.

Note You can call the DescribeDomainNames operation to query the domain names that are added to WAF.
InstanceId String Yes waf-cn-7pp26f1****

The ID of the WAF instance.

Note You can call the DescribeInstanceInfo operation to query the ID of the WAF instance.

All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see Common parameters.

For more information about sample requests, see the Examples section of this topic.

Response parameters

Parameter Type Example Description
RequestId String D827FCFE-90A7-4330-9326-D33C8B4C7726

The ID of the request.

Domain Struct

The configurations of the domain name.

AccessHeaderMode Integer 1

The method that WAF uses to obtain the actual IP address of a client. Valid values:

  • 0: WAF reads the first value of the X-Forwarded-For (XFF) header field as the actual IP address of the client.
  • 1: WAF reads the value of a custom header field as the actual IP address of the client.
Note This parameter is returned only when the IsAccessProduct parameter is set to 1. The value 1 indicates that a Layer 7 proxy is deployed in front of WAF.
AccessHeaders List ["X-Client-IP"]

The custom header field that is used to obtain the actual IP address of a client.

Note This parameter is returned only when the AccessHeaderMode parameter is set to 1. The value 1 indicates that WAF reads the value of the custom header field as the actual IP address of a client.
AccessType String waf-cloud-dns

The mode that is used to add the domain name. Valid values:

  • waf-cloud-dns: CNAME record mode
  • waf-cloud-native: transparent proxy mode
CloudNativeInstances Array of CloudNativeInstances

The list of configurations that are added in transparent proxy mode.

Note This parameter is returned only when the AccessType parameter is set to waf-cloud-native.
CloudNativeProductName String ALB

The type of cloud service instance. Valid values:

  • SLB: Classic Load Balancer (CLB) instance, originally called Server Load Balancer (SLB) instance
  • ECS: Elastic Compute Service (ECS) instance
  • ALB: Application Load Balancer (ALB) instance
IPAddressList String ["39.XX.XX.197"]

The public IP addresses of the cloud service instances.

InstanceId String alb-s65nua68wdedsp****

The ID of the cloud service instance.

ProtocolPortConfigs Array of ProtocolPortConfigs

The protocol and port configurations.

Ports String [80]

The ports.

Protocol String http

The protocol. Valid values:

  • http: HTTP
  • https: HTTPS
RedirectionTypeName String ALB

The type of traffic redirection port. Valid values:

  • SLB-L4: Traffic on the Layer 4 listening ports of the CLB instance is redirected to WAF.
  • SLB-L7: Traffic on the Layer 7 listening ports of the CLB instance is redirected to WAF.
  • ECS: Traffic on the listening ports of the ECS instance is redirected to WAF.
  • ALB: Traffic on the HTTP and HTTPS listening ports of the ALB instance is redirected to WAF.
ClusterType Integer 0

The type of WAF protection cluster. Valid values:

  • 0: shared cluster
  • 1: exclusive cluster
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
Cname String kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com

The CNAME assigned by WAF.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
ConnectionTime Integer 5

The timeout period for connections of WAF clusters. Unit: seconds.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
Http2Port List [443,8443]

The HTTP/2 ports.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns and the HttpsPort parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.
HttpPort List [80]

The HTTP ports.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
HttpToUserIp Integer 0

Indicates whether the feature of redirecting HTTPS requests to HTTP requests is enabled. Valid values:

  • 0: The feature is disabled.
  • 1: The feature is enabled.
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns and the HttpsPort parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.
HttpsPort List [443,8443]

The HTTPS ports.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
HttpsRedirect Integer 0

Indicates whether the feature of redirecting HTTP requests to HTTPS requests is enabled. Valid values:

  • 0: The feature is disabled.
  • 1: The feature is enabled.
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns and the HttpsPort parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.
IpFollowStatus Integer 1

Indicates whether the feature of forwarding requests to the origin servers that use the IP address type specified in the requests is enabled. Valid values:

  • 0: The feature is disabled.
  • 1: The feature is enabled.
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
IsAccessProduct Integer 1

Indicates whether a Layer 7 proxy is configured, which is used to filter inbound traffic before the traffic is sent to the WAF instance. The supported Layer 7 proxies include Anti-DDoS Pro, Anti-DDoS Premium, and Alibaba Cloud CDN. Valid values:

  • 0: A Layer 7 proxy is not configured.
  • 1: A Layer 7 proxy is configured.
LoadBalancing Integer 2

The load balancing algorithm that is used when WAF forwards requests to the origin server. Valid values:

  • 0: IP hash
  • 1: Round-robin
  • 2: least time
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
LogHeaders Array of LogHeader

The key-value pair that is used to mark the requests that pass through the WAF instance.

Note This parameter is returned only when the traffic marking feature is enabled for the domain name.
k String ALIWAF-TAG

The name of the custom header field.

v String Yes

The value of the custom header field.

ReadTime Integer 120

The timeout period for read connections of WAF clusters. Unit: seconds.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
ResourceGroupId String rg-acfm2mkrunv****

The ID of the resource group to which the WAF instance belongs.

SniHost String waf.example.com

The value of the custom Server Name Indication (SNI) field. If the parameter is left empty, the value of the Host field in the request header is automatically used as the value of the SNI field.

Note This parameter is returned only when the value of the SniStatus parameter is set to 1.
SniStatus Integer 1

Indicates whether origin SNI is enabled. Origin Server Name Indication (SNI) specifies the domain name to which an HTTPS connection needs to be established at the start of the TLS handshaking process when WAF forwards requests to the origin server. Valid values:

  • 0: Origin SNI is disabled.
  • 1: Origin SNI is enabled.
Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns and the HttpsPort parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.
SourceIps List ["39.XX.XX.197"]

The IP address of the origin server.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.
Version Long 40

The version of the domain name configuration.

WriteTime Integer 120

The timeout period for write connections of WAF clusters. Unit: seconds.

Note This parameter is returned only when the value of the AccessType parameter is set to waf-cloud-dns.

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeDomain
&Domain=www.example.com
&InstanceId=waf-cn-7pp26f1****
&<Common request parameters>

Sample success responses

XML format

<DescribeDomainResponse>
      <RequestId>D827FCFE-90A7-4330-9326-D33C8B4C7726</RequestId>
      <Domain>
            <HttpToUserIp>0</HttpToUserIp>
            <HttpPort>80</HttpPort>
            <IsAccessProduct>1</IsAccessProduct>
            <AccessHeaderMode>1</AccessHeaderMode>
            <ResourceGroupId>rg-acfm2mkrunv****</ResourceGroupId>
            <AccessHeaders>X-Client-IP</AccessHeaders>
            <ReadTime>120</ReadTime>
            <SourceIps>39.XX.XX.197</SourceIps>
            <IpFollowStatus>1</IpFollowStatus>
            <ClusterType>0</ClusterType>
            <LoadBalancing>2</LoadBalancing>
            <Cname>kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com</Cname>
            <LogHeaders>
                  <v>Yes</v>
                  <k>ALIWAF-TAG</k>
            </LogHeaders>
            <WriteTime>120</WriteTime>
            <Http2Port>443</Http2Port>
            <Http2Port>8443</Http2Port>
            <Version>40</Version>
            <HttpsRedirect>0</HttpsRedirect>
            <ConnectionTime>5</ConnectionTime>
            <AccessType>waf-cloud-dns</AccessType>
            <HttpsPort>443</HttpsPort>
            <HttpsPort>8443</HttpsPort>
      </Domain>
</DescribeDomainResponse>

JSON format

{
  "RequestId": "D827FCFE-90A7-4330-9326-D33C8B4C7726",
  "Domain": {
    "HttpToUserIp": 0,
    "HttpPort": [
      80
    ],
    "IsAccessProduct": 1,
    "AccessHeaderMode": 1,
    "ResourceGroupId": "rg-acfm2mkrunv****",
    "AccessHeaders": [
      "X-Client-IP"
    ],
    "ReadTime": 120,
    "SourceIps": [
      "39.XX.XX.197"
    ],
    "IpFollowStatus": 1,
    "ClusterType": 0,
    "LoadBalancing": 2,
    "Cname": "kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com",
    "LogHeaders": [
      {
        "v": "Yes",
        "k": "ALIWAF-TAG"
      }
    ],
    "WriteTime": 120,
    "Http2Port": [
      443,
      8443
    ],
    "Version": 40,
    "HttpsRedirect": 0,
    "ConnectionTime": 5,
    "AccessType": "waf-cloud-dns",
    "HttpsPort": [
      443,
      8443
    ]
  }
}

Error codes

For a list of error codes, visit the API Error Center.