If you want to add multiple domain names that are hosted by the same server to an Anti-DDoS Premium instance, we recommend that you apply for the CNAME reuse feature. This feature allows you to configure the instance only once and map multiple domain names hosted by the same server to the CNAME that is assigned by Anti-DDoS Premium.

After CNAME reuse is enabled, you can modify the CNAME to map the domain names hosted by the same server to the CNAME assigned by Anti-DDoS Premium. This way, all the domain names are added to Anti-DDoS Premium.

Usage notes

Only Anti-DDoS Premium supports CNAME reuse. Anti-DDoS Pro does not support CNAME reuse.

Scenarios

CNAME reuse is suitable for the following scenarios:
  • Customers, such as agents, independent software vendors (ISVs), or distributors, want to add a large number of domain names to an Anti-DDoS Premium instance. Most of the domain names are hosted by the same server, and the number of domain names frequently changes.
  • Multiple second-level domain names are required for the promotion and search engine optimization (SEO) of the same service.
  • Multiple alternative domain names are required for a service.

Limits

The following table describes the limits of CNAME reuse.

Item Description
Protocol HTTP and HTTPS are supported.
Note If you add domain names by using HTTPS, all the domain names that are mapped to the same CNAME share an SSL certificate after CNAME reuse is enabled.
Origin server Domain names that are mapped to the same CNAME must be hosted by the same origin server.

Enable CNAME reuse

You can use CNAME reuse along with Sec-Traffic Manager. When you enable CNAME reuse, you can determine whether to use Sec-Traffic Manager. For more information about Sec-Traffic Manager, see Overview.
  • If you use Sec-Traffic Manager, you must select a general interaction rule. Then, the CNAME configured in the rule is reused to resolve a domain name.
  • If you do not use Sec-Traffic Manager, the CNAME assigned by Anti-DDoS Premium is reused to resolve a domain name.
The configuration descriptions in this topic are based on the following assumptions:
  • The origin server has two IP addresses: 192.10.XX.XX and 192.11.XX.XX.
  • IP address 192.10.XX.XX hosts three domain names: a.example, b.example, and c.example.

The following procedure describes how to use CNAME reuse to add the following domain names that are hosted on the IP address 192.10.XX.XX to an Anti-DDoS Premium instance: a.example, b.example, and c.example.

  1. Enable CNAME reuse when you add a domain name.
    1. Log on to the Anti-DDoS Pro console.
    2. In the top navigation bar, select Outside Chinese Mainland.
    3. In the left-side navigation pane, choose Provisioning > Website Config.
    4. Add a domain name and enable CNAME reuse, or enable this feature for an existing domain name. For more information about how to add a domain name, see Add a website.
      In the example, the IP address of the origin server is 192.10.XX.XX, and the domain name is a.example, b.example, or c.example.
      Enable CNAME reuse for a domain name
  2. Specify whether to use Sec-Traffic Manager. Update the CNAME of the protected domain name.
    When you enable CNAME reuse, you must determine whether to use Sec-Traffic Manager.
    • Enable CNAME reuse without Sec-Traffic Manager
      1. In the Select Traffic Scheduling Rule dialog box, click Without Sec-Traffic Manager and then OK. Enable CNAME reuse without Sec-Traffic Manager
      2. After a domain name is added, record the CNAME assigned for the domain name.
      3. In the console of your DNS provider, update the DNS records for all the domain names that are hosted on the IP address 192.10.XX.XX. The domain names are a.example, b.example, and c.example. Then, create a CNAME and set the record value of the CNAME to that recorded in the previous step.
    • Enable CNAME reuse with Sec-Traffic Manager
      1. In the Select Traffic Scheduling Rule dialog box, click With Sec-Traffic Manager, select a Sec-Traffic Manager rule, and then click OK. Enable CNAME reuse with Sec-Traffic Manager
        If you enable CNAME reuse with Sec-Traffic Manager, the Sec-Traffic Manager rule must be associated with both the IP address of the origin server and the IP address of the Anti-DDoS Premium instance used in the website configuration. The IP address of the origin server is 192.10.XX.XX in this example. If no rules are available, click Create Sec-Traffic Manager Rule to create a rule. Then, apply the rule.
        Important The IP address of the Anti-DDoS Premium instance in the Sec-Traffic Manager rule must be the same as that used in the website configuration.
        Sec-Traffic Manager rule
      2. After you select a Sec-Traffic Manager rule, record the CNAME of the rule. CNAME reuse
      3. In the console of the DNS provider, update the DNS records for all the domain names that are hosted on the IP address 192.10.XX.XX. The domain names are a.example, b.example, and c.example. Then, create a CNAME and set the record value of the CNAME to that recorded in the previous step.
  3. Optional:To add domain names that are hosted on another IP address of the origin server (192.11.XX.XX), repeat Step 1 and Step 2.

Disable CNAME reuse

You can disable CNAME reuse on the Website Config page.

Warning Before you disable this feature, make sure that the service traffic of all the domain names mapped to the CNAME is no longer rerouted to your Anti-DDoS Premium instance. Otherwise, the inbound traffic cannot be forwarded to the origin server.
  1. https://yundun.console.aliyun.com/?p=ddoscoo
  2. In the top navigation bar, select Outside Chinese Mainland.
  3. >
  4. Find the required domain, click Edit in the Actions column, and then disable CNAME reuse.
  5. Specify whether to retain the website configuration or the Sec-Traffic Manager rule.
    • If you retain the website configuration, the traffic forwarding rules still take effect.
    • If you retain the Sec-Traffic Manager rule, Sec-Traffic Manager still takes effect.