DescribeDomainDetail - Web Application Firewall - Alibaba Cloud Documentation Center

Queries the details of a domain name that is added to Web Application Firewall (WAF).

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
yundun-waf:DescribeDomainDetail	Read	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
InstanceId	string	Yes	The ID of the WAF instance. Note You can call the DescribeInstance operation to obtain the ID of the WAF instance.	waf_cdnsdf3****
Domain	string	Yes	The domain name that you want to query.	www.aliyundoc.com
RegionId	string	No	The region where the WAF instance resides. Valid values: cn-hangzhou: the Chinese mainland. ap-southeast-1: outside the Chinese mainland.	cn-hangzhou

Response parameters

Parameter	Type	Description	Example
	object	The response parameters.
RequestId	string	The ID of the request.	BAEF9CA9-66A0-533E-BD09-5D5D7AA8****
Domain	string	The domain name.	www.aliyundoc.com
Status	long	The status of the domain name. Valid values: 1: The domain name is in a normal state. 2: The domain name is being created. 3: The domain name is being modified. 4: The domain name is being released. 5: WAF no longer forwards traffic of the domain name.	1
Cname	string	The CNAME that is assigned by WAF to the domain name.	xxxxxcvdaf.****.com
Listen	object	The configurations of the listeners.
HttpPorts	array	An array of HTTP listener ports.
	long	The HTTP listener port.	80
HttpsPorts	array	An array of HTTPS listener ports.
	long	The HTTPS listener port.	443
Http2Enabled	boolean	Indicates whether HTTP/2 is enabled. Valid values: true: HTTP/2 is enabled. false: HTTP/2 is disabled.	true
CertId	long	The ID of the certificate.	123
TLSVersion	string	The version of the Transport Layer Security (TLS) protocol. Valid values: tlsv1 tlsv1.1 tlsv1.2	tlsv1.2
EnableTLSv3	boolean	Indicates whether TLS 1.3 is supported. Valid values: true: TLS 1.3 is supported. false: TLS 1.3 is not supported.	true
CipherSuite	long	The type of the cipher suites. Valid values: 1: all cipher suites. 2: strong cipher suites. 99: custom cipher suites.	2
CustomCiphers	array	An array of custom cipher suites.
	string	The custom cipher suite.	xxx
FocusHttps	boolean	Indicates whether HTTP to HTTPS redirection is enabled for the domain name. Valid values: true: HTTP to HTTPS redirection is enabled. false: HTTP to HTTPS redirection is disabled.	true
SM2Enabled	boolean	Indicates whether SM certificate-based verification is enabled. Valid values: true false	true
SM2CertId	boolean	The ID of the SM certificate that is added. This parameter is returned only if the value of SM2Enabled is true.	123-cn-hangzhou
SM2AccessOnly	boolean	Indicates whether only SM certificate-based clients can access the domain name. This parameter is returned only if the value of SM2Enabled is true. Valid values: true false	true
XffHeaderMode	long	The method that WAF uses to obtain the actual IP address of a client. Valid values: 0: No Layer 7 proxies are deployed in front of WAF. 1: WAF reads the first value of the X-Forwarded-For (XFF) header field as the actual IP address of the client. 2: WAF reads the value of a custom header field as the actual IP address of the client.	2
XffHeaders	array	An array of custom header fields that are used to obtain the actual IP address of a client.
	string	The custom header field that is used to obtain the actual IP address of a client.	Client-ip
IPv6Enabled	boolean	Indicates whether IPv6 is enabled. Valid values: true: IPv6 is enabled. false: IPv6 is disabled.	true
ProtectionResource	string	The type of protection resource that is used. Valid values: share: shared cluster. gslb: shared cluster-based intelligent load balancing.	share
ExclusiveIp	boolean	Indicates whether an exclusive IP address is enabled. Valid values: true: An exclusive IP address is enabled for the domain name. false: No exclusive IP addresses are enabled for the domain name.	true
Redirect	object	The configurations of the forwarding rule.
Backends	object []	An array of addresses of origin servers.
Backend	string	The IP address or domain name of the origin server.	1.1.XX.XX
Loadbalance	string	The load balancing algorithm that is used when WAF forwards requests to the origin server. Valid values: ip_hash: the IP hash algorithm. roundRobin: the round-robin algorithm. leastTime: the least response time algorithm.	iphash
FocusHttpBackend	boolean	Indicates whether HTTPS to HTTP redirection is enabled for back-to-origin requests of the domain name. Valid values: true: HTTPS to HTTP redirection for back-to-origin requests of the domain name is enabled. false: HTTPS to HTTP redirection for back-to-origin requests of the domain name is disabled.	true
SniEnabled	boolean	Indicates whether origin Server Name Indication (SNI) is enabled. Valid values: true: Origin SNI is enabled. false: Origin SNI is disabled. This is the default value.	true
SniHost	string	The value of the custom SNI field.	www.aliyundoc.com
RequestHeaders	object []	An array of key-value pairs that are used to mark the requests that pass through the WAF instance.
Key	string	The custom header field.	aaa
Value	string	The value of the custom header field.	bbb
ConnectTimeout	integer	The timeout period of the connection. Unit: seconds. Valid values: 5 to 120.	120
WriteTimeout	integer	The write timeout period. Unit: seconds. Valid values: 5 to 1800.	200
ReadTimeout	integer	The read timeout period. Unit: seconds. Valid values: 5 to 1800.	200
Keepalive	boolean	Indicates whether the persistent connection feature is enabled. Valid values: true: The persistent connection feature is enabled. This is the default value. false: The persistent connection feature is disabled.	true
Retry	boolean	Indicates whether WAF retries to forward requests when requests fail to be forwarded to the origin server. Valid values: true: WAF retries to forward requests. This is the default value. false: WAF does not retry to forward requests.	true
KeepaliveRequests	integer	The number of reused persistent connections. Valid values: 60 to 1000. Note This parameter specifies the number of reused persistent connections when you enable the persistent connection feature.	1000
KeepaliveTimeout	integer	The timeout period of persistent connections that are in the Idle state. Valid values: 1 to 60. Default value: 15. Unit: seconds. Note This parameter specifies the period of time during which a reused persistent connection is allowed to remain in the Idle state before the persistent connection is released.	15
XffProto	boolean	Indicates whether the X-Forward-For-Proto header is used to identify the protocol used by WAF to forward requests to the origin server. Valid values: true (default) false	true
ResourceManagerResourceGroupId	string	The ID of the resource group.	rg-acfm***q
CertDetail	object	The details of the SSL certificate.
Name	string	The name of the SSL certificate.	test-cert-name
Id	string	The ID of the SSL certificate.	123-cn-hangzhou
StartTime	long	The beginning of the validity period of the SSL certificate. The value is in the UNIX timestamp format. Unit: milliseconds.	1677772800000
EndTime	long	The end of the validity period of the SSL certificate. The value is in the UNIX timestamp format. Unit: milliseconds.	1685590400000
CommonName	string	The domain name of your website.	test.aliyundoc.com
Sans	array	All domain names that are bound to the certificate.
	string	All domain names that are bound to the certificate.	www.aliyundoc.com
SM2CertDetail	object	The information about the SM certificate.
Name	string	The name of the SSL certificate.	test-sm2-cert-name
Id	string	The ID of the SSL certificate.	123-cn-hangzhou
StartTime	long	The beginning of the validity period of the SSL certificate. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.	1657551525000
EndTime	long	The end of the validity period of the SSL certificate. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.	1665590400000
CommonName	string	The domain name of your website.	test.aliyundoc.com
Sans	array	All domain names that are bound to the certificate.
	string	All domain names that are bound to the certificate.	www.aliyundoc.com

Examples

Sample success responses

JSONformat

{
  "RequestId": "BAEF9CA9-66A0-533E-BD09-5D5D7AA8****",
  "Domain": "www.aliyundoc.com",
  "Status": 1,
  "Cname": "xxxxxcvdaf.****.com",
  "Listen": {
    "HttpPorts": [
      80
    ],
    "HttpsPorts": [
      443
    ],
    "Http2Enabled": true,
    "CertId": 123,
    "TLSVersion": "tlsv1.2",
    "EnableTLSv3": true,
    "CipherSuite": 2,
    "CustomCiphers": [
      "xxx"
    ],
    "FocusHttps": true,
    "SM2Enabled": true,
    "SM2CertId": true,
    "SM2AccessOnly": true,
    "XffHeaderMode": 2,
    "XffHeaders": [
      "Client-ip"
    ],
    "IPv6Enabled": true,
    "ProtectionResource": "share",
    "ExclusiveIp": true
  },
  "Redirect": {
    "Backends": [
      {
        "Backend": "1.1.XX.XX"
      }
    ],
    "Loadbalance": "iphash",
    "FocusHttpBackend": true,
    "SniEnabled": true,
    "SniHost": "www.aliyundoc.com",
    "RequestHeaders": [
      {
        "Key": "aaa",
        "Value": "bbb"
      }
    ],
    "ConnectTimeout": 120,
    "WriteTimeout": 200,
    "ReadTimeout": 200,
    "Keepalive": true,
    "Retry": true,
    "KeepaliveRequests": 1000,
    "KeepaliveTimeout": 15,
    "XffProto": true
  },
  "ResourceManagerResourceGroupId": "rg-acfm***q",
  "CertDetail": {
    "Name": "test-cert-name",
    "Id": "123-cn-hangzhou",
    "StartTime": 1677772800000,
    "EndTime": 1685590400000,
    "CommonName": "test.aliyundoc.com",
    "Sans": [
      "www.aliyundoc.com"
    ]
  },
  "SM2CertDetail": {
    "Name": "test-sm2-cert-name",
    "Id": "123-cn-hangzhou",
    "StartTime": 1657551525000,
    "EndTime": 1665590400000,
    "CommonName": "test.aliyundoc.com\n",
    "Sans": [
      "www.aliyundoc.com\n"
    ]
  }
}