Edge Security Acceleration:FAQ about connecting a website to ESA

ESA provides a more effective way for you to manage your websites through its website management feature. The main benefits of connecting a website are as follows:

1. Centralized management, simplified operations

   ESA uses "website" as the primary management unit. A website contains a root domain and all related information and configurations for its subdomains. Compared to traditional acceleration service providers that handle each subdomain individually, this centralized management method significantly simplifies the process. You can view and manage all root domains from the website management page, avoiding the complexity and hassle of handling subdomains one by one.

   

2. Configure once, apply globally

   Within an ESA website, configuration changes, such as DNS records, cache settings, and security rules, automatically apply to all subdomains of that website. You do not need to configure each subdomain individually, which saves time and reduces the risk of configuration errors. This bulk configuration also ensures consistency in settings, guaranteeing that all subdomains have uniform performance and security policies.

   

3. Efficient DNS management

   With ESA, you can configure, modify, and manage DNS records within the website. This centralizes all DNS-related operations on a single interface, greatly improving management efficiency. You can complete all necessary settings in one place without switching between multiple platforms, which significantly reduces operational complexity.

   

4. Enhanced security

   Adding a website with a root domain name, such as example.com, also helps you better manage security configurations. ESA provides robust security measures, including DDoS protection and Web Application Firewall (WAF), which apply to all subdomains within the website, offering comprehensive security protection.

   

5. Improved website performance

   By distributing user requests to the nearest points of presence (POPs) through ESA's global distributed network, ESA significantly reduces loading times and improves your website's access speed. All subdomains benefit from the performance enhancements of this acceleration network, improving user experience and increasing the overall efficiency and conversion rate of your website.

6. Easy monitoring and analysis

   ESA provides powerful monitoring and analysis tools for your websites. You can track access data, traffic, and performance metrics in real time. This centralized monitoring lets you quickly detect potential performance bottlenecks or security threats and take prompt action to ensure the healthy operation of the website.

In summary, connecting your website to ESA provides advantages such as centralized management, global configuration, efficient DNS management, enhanced security, improved website performance, and easy monitoring. We strongly recommend connecting your website using a root domain (such as example.com) to manage DNS records, caching, and security comprehensively for an efficient, simple, and secure web experience.

Currently, only Enterprise plans support adding a subdomain (such as api.example.com) as a website. You can contact us to customize an Enterprise plan.

If you have subscribed to an Enterprise plan, follow these steps to add a subdomain:

ESA allocates POPs based on the region that you select. Generally, choose a region based on your user distribution. For example, if your users are distributed worldwide, select Global. If your users are distributed only in the Chinese mainland, select Chinese Mainland.

• Global: ESA provides global acceleration and protection for your website by assigning secure acceleration POPs from around the world. This region requires your domain name to have an ICP filing for the Chinese mainland.

• Chinese Mainland: ESA uses secure acceleration POPs located only in the Chinese mainland to accelerate and protect your services within the region. This is suitable when your online services cater only to users in the Chinese mainland. This region requires your domain name to have an ICP filing for the Chinese mainland.

• Global (Excluding The Chinese Mainland): ESA assigns global secure acceleration POPs outside the Chinese mainland. This region does not require an ICP filing.

When connecting a website, you can choose from three acceleration regions: Global, Global (Excluding The Chinese Mainland), and Chinese Mainland. If your business scope changes, switch the region as needed.

If you connected your website using the NS setup and want to pause the proxy acceleration service for the entire website without turning off the proxy acceleration switch for each record on the DNS > Records page, enable the DNS passthrough mode. This switch does not affect your configurations on the DNS > Records page.

The ESA service allows a website to be active in only one account at a time.

In large enterprises, departments may have different Alibaba Cloud accounts. If multiple accounts add the same domain name as a website, the website may be activated by different accounts sequentially, which can cause service faults. Use the site hold feature to prohibit other accounts from adding your website and its subdomains.

1. Log on to the ESA console.

2. In the left-side navigation pane, click Websites.

3. On the Websites page, find the website that you want to manage, and click the name of the website.

4. On the website details page, in the navigation pane on the left, click Overview.

5. On the right side of the Overview page, in the Quick Actions section, click to enable Site Hold.

   

A DNS record import may fail for the following reasons:

• The new record to be imported has the same name as an existing record. For more information, see DNS record conflict rules.

• The file contains invalid characters. You must fill in the DNS records based on the file template provided on the page.

• The number of records to be imported in a single batch exceeds 100. You can import a maximum of 100 records at a time.

If you have checked the possible causes above and the problem persists, you can submit a ticket for support.

When you use Alibaba Cloud OSS as the origin server for an ESA website, traffic from OSS to ESA is automatically discounted compared with standard Internet traffic from OSS. For more information, see Alibaba Cloud OSS traffic billing description.

After you add a website using the NS setup,go to your domain name provider to modify the NS records and delegate DNS resolution for your domain to ESA. ESA then becomes your DNS provider. After the NS change takes effect, all DNS records configured at your original DNS provider become invalid. Therefore, before you modify the NS records, you must first configure the DNS records that you want to keep from your original DNS provider in ESA. This ensures that your online services are not interrupted.

If you want to perform an online service verification test before you officially switch the service to ESA, you can test different records:

1. DNS-only records: You can run the dig command for your record and specify the NS record assigned to you by ESA (@ESA-assigned-NS-record). This retrieves the DNS resolution from the specified ESA NS server. Then, check whether the resolved record value is the same as the one you configured in ESA. Example command: dig DNS-only-record @ESA-assigned-NS:

   

   You can obtain the NS record assigned to you by ESA from the website overview in the console:

   

2. Proxied records: Pre-testing is not supported.

You can submit a ticket to obtain the IP address of a test POP. Then, modify your local hosts file to force the accelerated domain name, such as api.example.com, to point to the test POP's IP address for verification.