This topic describes the requirements and limits on domain names that you can use with Alibaba Cloud CDN. Make sure that your domain names and the content they serve conform with the requirements to avoid unexpected costs that may result from regulatory violations.

Item Description
Domain name
  • Domain name type: The domain name that you want to accelerate can be a specific domain name such as example.aliyundoc.com or a wildcard domain name such as *.aliyundoc.com.
  • Domain name format:
    • The domain name must be 1 to 67 characters in length.
    • The domain name can contain lowercase letters, digits, and hyphens (-). Example: example.com.
    • The domain name cannot contain Chinese characters, uppercase letters, or characters other than hyphens (-). The domain name cannot be a hyphen (-). A hyphen (-) in a domain name cannot be followed by another hyphen (-). The domain name cannot start or end with a hyphen (-). If the domain name contains Chinese characters, for example, 阿里云.网址, you must apply for an ICP number for the domain name in Chinese characters and use the Punycode tool to convert the Chinese characters into English letters, such as xn--fiq****.xn--eq****. Then, you can specify the converted domain name as the domain name that you want to accelerate.
  • Requirements for wildcard domain names:
    • Alibaba Cloud CDN supports wildcard domain names. For information about the limits on wildcard domain names, see Does Alibaba Cloud CDN support wildcard domain names?
    • The wildcard domain name that you specify and the domain names that match the wildcard domain name must belong to the same Alibaba Cloud account. Otherwise, an error message appears when you add domain names.
    • If a wildcard domain name is not added to Alibaba Cloud CDN, you can add domain names that match the wildcard domain name to Alibaba Cloud CDN by using different Alibaba Cloud accounts.
    • Each wildcard domain name can match up to 500 specific domain names. If more than 500 specific domain names match a wildcard domain name, only the first 500 specific domain names can acquire the settings of the wildcard domain name. Other domain names cannot be accelerated by Alibaba Cloud CDN.
      Note The first 500 specific domain names that match the wildcard domain name can be accelerated by Alibaba Cloud CDN.
  • You cannot add domain names that have been added to other Alibaba Cloud services.

    If the system prompts that the domain name has been added to another Alibaba Cloud service, such as ApsaraVideo VOD or Dynamic Route for CDN (DCDN), Contact your account manager or contact us by other means. For more information, see Contact us..

  • Each Alibaba Cloud account can add up to 50 domain names to Alibaba Cloud CDN.
    Note However, if the sum of the average daily peak bandwidth values of your domain names exceeds 50 Mbit/s, you can request to add more domain names by following the method described in Quota management. Make sure that the increase of domain names does not cause business risks.
  • The content that is delivered from the domain name must be legal and compliant with the Terms of Service for Alibaba Cloud CDN. For more information, see Limits.
  • ICP filing: If you set the acceleration region of a domain name to Global or Chinese Mainland Only, you must apply for an ICP number for the domain name. We recommend that you use Alibaba Cloud ICP Filing System to apply for ICP numbers. For more information, see Prepare and check the instance and access information.
  • Domain name reclaiming: If your domain name is disabled for 120 days, Alibaba Cloud CDN deletes the configuration records that are related to the domain name. This rule also applies to domain names that fail ownership verification. If you want to continue using the domain name, you must go to the Alibaba Cloud CDN console to add the domain name again.
  • Domain name disabling: For more information, see Rules for disabling accelerated domain names.
  • Sandbox: If an accelerated domain name is under attack, such as DDoS attacks or HTTP flood attacks, or faces significant increases in bandwidth or QPS due to traffic spikes that have not been reported to Alibaba Cloud, Alibaba Cloud CDN has the right to add the attacked domain name to a sandbox based on factors such as the service status of the domain name and the impact of the attack. This ensures that the acceleration services of other users can work as expected. For more information about sandboxes, see Introduction to sandboxes. If the attack is severe, other accelerated domain names in the same account are also added to the sandbox, and the addition of new domain names to the account is restricted.
Access region If you set Region to Global (Excluding the Chinese mainland) for a domain name, Alibaba Cloud CDN blocks user requests to points of presence (POPs) located in the Chinese mainland.
IoT card According to the relevant regulations of the Ministry of Industry and Information Technology (MIIT) of the People's Republic of China, Alibaba Cloud CDN does not provide acceleration services for devices that use IoT cards in the Chinese mainland. Devices that use IoT cards to access Alibaba Cloud points of presence (POPs) may not be connected to the IP addresses of the POPs.
Origin server
  • Address length: The address of an origin server cannot exceed 67 characters in length.
  • Maximum number of origin servers: You can set at most 20 origin server addresses for each accelerated domain name.
  • OSS Domain
    • If you use an Object Storage Service (OSS) bucket as the origin server, you can enter the public domain name of the OSS bucket, such as, ***.oss-cn-hangzhou.aliyuncs.com. Internal domain names of OSS buckets are not supported.
    • You can obtain the public domain name of an OSS bucket in the OSS console. You can also select the domain name of an OSS bucket that belongs to the current Alibaba Cloud account from the Domain Name drop-down list.
    Note Preferential pricing for data transfer between Alibaba Cloud CDN and OSS:
    • To enjoy preferential pricing on traffic between Alibaba Cloud CDN and OSS, you must set the origin server type to OSS Domain in the Alibaba Cloud CDN console.
    • If you set the origin server type to Site Domain in the Alibaba Cloud CDN console, OSS identifies network traffic sent from Alibaba Cloud CDN as outbound data transfer over the Internet. In this case, normal charges apply.

    For more information, see Billing of OSS content acceleration.

  • IP address: You can configure one or more IP addresses for an origin server. Internal IP addresses are not supported. IPv4 addresses and IPv6 addresses are supported, and you must configure at least one IPv4 address. Public IP addresses of Alibaba Cloud Elastic Compute Service (ECS) instances do not need to be reviewed.
  • Site Domain: Enter the domain names of one or more origin servers.
    Note
    • The origin domain name must be different from the accelerated domain name. Otherwise, a DNS resolution loop occurs, and requests cannot be redirected to the origin server.
    • The format of the origin domain name:
      • The domain name must be 1 to 67 characters in length,
      • and can contain lowercase letters, digits, and hyphens (-). Example: example.com.
      • The domain name cannot contain Chinese characters, uppercase letters, or characters other than hyphens (-). The domain name cannot be a hyphen (-). A hyphen (-) in a domain name cannot be followed by another hyphen (-). The domain name cannot start or end with a hyphen (-). If the domain name contains Chinese characters such as 阿里云.网址, you must perform ICP filing for the Chinese domain name. Then, use the Punycode tool to convert the domain name to its ASCII equivalent, such as xn--fiq****.xn--eq****. Specify the converted domain name as the domain name to be accelerated.
    • You cannot add the IP address of an Alibaba Cloud Application Load Balancer (ALB) instance, for example, example.hangzhou.alb.aliyuncs.com, as the IP address of an origin server. However, you can configure a CNAME record for an ALB instance to resolve a service domain name, for example, origin.example.com, to the address of an ALB instance. For more information, see Configure a CNAME record. Then, set the service domain name to domain name of the origin server that is accelerated by Alibaba Cloud CDN.
  • Function Compute Domain: Enter a Function Compute domain name that belongs to the current Alibaba Cloud account. You must set the Region and Domain Name parameters for the Function Compute domain name. For more information, see Configure a custom domain name.
CNAME CNAMEs that are assigned by Alibaba Cloud CDN, DCDN, ApsaraVideo Live, ApsaraVideo VOD, or Secure CDN (SCDN) can be used only for domain name resolution. If Alibaba Cloud discovers that your CNAME is used for unauthorized or malicious activities, Alibaba Cloud reserves the right to close your Alibaba Cloud account and remove the domain names.
Service quota
  • Accelerated domain name

    Each Alibaba Cloud account can add at most 50 domain names to Alibaba Cloud CDN. If the average daily peak bandwidth value exceeds 50 Mbit/s and your workloads are under protection, you can Quota management to add more domain names to Alibaba Cloud CDN.

  • Cache refresh
    • URL refresh: 10,000 URLs per day for each Alibaba Cloud account.
    • Directory refresh: 100 directories per day for each Alibaba Cloud account.

    If your daily peak bandwidth exceeds 200 Mbit/s, you can Quota management to request a quota increase. Alibaba Cloud determines whether to approve your application based on your business requirements.

  • File prefetch

    You can prefetch files only by using URLs. Each Alibaba Cloud account can submit a maximum of 1,000 URLs per day.

    If your daily peak bandwidth exceeds 200 Mbit/s, you can Quota management to request a quota increase. Alibaba Cloud determines whether to approve your application based on your business requirements.

Content moderation

Alibaba Cloud reviews the content served on all accelerated domain names. Domain names that cannot be accelerated by Alibaba Cloud CDN include but are not limited to:

  • Websites whose content is inaccessible or does not provide valid information
  • Private game servers
  • Websites that provide multiplayer role-playing games and card games
  • Websites that provide downloads of pirated content, including pirated software, books, videos, and comics
  • Websites that run peer-to-peer (P2P) lending
  • Unofficial lottery websites
  • Websites of unlicensed hospitals and pharmaceuticals
  • Websites that serve content pertaining to pornography, drugs, and gambling
Note
  • You are legally responsible for the content hosted on your accelerated domain name. Alibaba Cloud CDN regularly reviews the content of accelerated domain names. If illicit content is detected from a domain name, Alibaba Cloud CDN immediately disables or blocks the domain name. If the violation is severe, Alibaba Cloud CDN may even permanently block all domain names that belong to the Alibaba Cloud account.
  • For example, if you add a wildcard domain name *.example.com, to Alibaba Cloud CDN and a specific domain name (a.example.com) matches the wildcard domain name contains illicit content, Alibaba Cloud CDN disables the entire wildcard domain name (*.example.com).
  • If a domain name fails the review, you can check the reason for rejection on the Domain Names page in the Alibaba Cloud CDN console. Then, you can modify the content based on the rejection details and submit the domain name for review again.
Origin fetch
  • An HTTP request header cannot exceed 300 bytes.
  • Timeout period

    By default, the timeout period for back-to-origin requests that are transmitted over TCP is 10 seconds. The timeout period for back-to-origin requests that are transmitted over HTTP is 30 seconds.

  • Response header

    If an origin server does not respond to Content-Type, Alibaba Cloud CDN automatically adds Content-Type:application/octet-stream.

  • Automatic conversion from HEAD to GET for back-to-origin requests
    By default, HEAD requests are sent to CDN POPs before the requests are redirected to origin servers. In this case, HEAD requests are converted to GET requests. If you do not want to convert HEAD requests to GET requests, you can navigate to the Custom Request Header tab in the Alibaba Cloud CDN console, and configure the following header. For more information, see Configure an HTTP header for back-to-origin requests.
    • Custom parameter: Ali-Swift-Fwd-Head
    • Value: on
Important After you set the Customize Back-to-origin Request parameter, the strings are converted to camel case during back-to-origin routing, as shown in the following examples:
  • Example 1: ALI-CDN is converted to Ali-Cdn.
  • Example 2: ALICDN is converted to Alicdn.

If you want to disable automatic case conversion, add the following header to Customize Back-to-origin Request:

  • Custom parameter: Ali-Swift-Header-Capitalize
  • Value: off
Bandwidth throttling

According to the Alibaba Cloud International Website Product Terms of Service, if you expect traffic spikes on CDN-accelerated services, you must contact your account manager or contact us by other means described in Contact us to apply for burst bandwidth at least three business days in advance. For major events including but not limited to the Spring Festival Gala and Double 11 Global Shopping Festival, you must apply for burst bandwidth at least one month in advance. If the application is successful, Alibaba Cloud guarantees the availability of your services when the burst bandwidth is within the level agreed upon by both parties. If you do not apply for burst bandwidth or the application is unsuccessful, Alibaba Cloud reserves the right to take measures such as bandwidth throttling to ensure service-level stability for other Alibaba Cloud customers. Alibaba Cloud is not responsible for the reduced availability caused by these measures.

File
  • File cache
    • Responses whose Cache-Control directives do not allow caching: Alibaba Cloud CDN closes the connection after the amount of data transmitted from the origin server reaches 100 MB.
    • Responses whose Cache-Control directives allow caching: Alibaba Cloud CDN caches files up to 500 GB in size.
  • File upload

    You can upload files to origin servers by using Alibaba Cloud CDN. Each file can be up to 300 MB in size.

EdgeScript By default, you can configure only one script for each domain name. If you want to configure multiple scripts, Contact your account manager or contact us by other means. For more information, see Contact us..
Stress testing
If you want to run stress tests on a domain name that is accelerated by Alibaba Cloud CDN, you must contact your account manager or contact us by other means described in Contact us to report the details of the stress tests at least three days in advance. Otherwise, you may experience the following issue:
  • Stress tests on bandwidth may cause bandwidth usage spikes and increase bandwidth costs.
  • Stress tests on the number of queries per second (QPS) may trigger HTTP flood protection rules of Alibaba Cloud CDN. As a result, the domain name is added to a sandbox. For more information, see Introduction to sandboxes.
Length of URLs and HTTP request headers, and total length of URLs and HTTP request headers
HTTP/2:
  • If the default setting of the NGINX directive is http2_max_field_size=32KB, the length of an individual HTTP request header or an individual URL cannot exceed 32 KB. Otherwise, the HTTP 414 status code is returned.
  • If the default setting of the NGINX directive is http2_max_header_size=128KB, the total length of all HTTP request headers and URLs cannot exceed 128 KB. Otherwise, the HTTP 400 status code is returned.

HTTP/1.1: For the large_client_header_buffers directive, number is set to 4 and size is set to 64 KB. In this case, the length of an individual HTTP request header or an individual URL cannot exceed 64 KB. Otherwise, the HTTP 414 status code is returned. The total length of all HTTP request headers and URLs cannot exceed 256 KB. Otherwise, the HTTP 400 status code is returned.

Request method Alibaba Cloud CDN supports the GET, PUT, POST, and HEAD request methods.
Note
  • If you want your website to support DELETE and PATCH requests, use DCDN to enable acceleration for dynamic content delivery.
  • Only POST and PUT requests can carry a request body.
  • By default, Alibaba Cloud CDN converts HEAD requests to GET requests before they are redirected to the origin server. If you want to redirect HEAD requests to the origin server, you can add a custom request header on the Custom Request Header tab in the Alibaba Cloud CDN console. The following table describes how to add a custom request header. For more information, see Configure an HTTP header for back-to-origin requests.
Parameter Custom header
Custom Parameters Ali-Swift-Fwd-Head
Description on
Feature configuration You can add a maximum of 50 configuration records, including the following features: Custom Request Header, Custom Response Headers, Back-to-origin URL Rewrite, Parameter Rewrite, and Cache Expiration.
Intelligent and Brotli compression Only files that are not smaller than 1 KB are compressed.
API calls for each user You can call this API operation up to 1,000 times per second per account. If the upper limit is reached, the following message is returned:
ErrorCode:Throttling
ErrorMessage:Request was denied due to flow control.