This topic introduces the terms that are related to extra domain packages in Web Application Firewall (WAF).
Default number of domain names protected by WAF
By default, a WAF instance can protect one second-level domain and nine subdomains
of the second-level domain. The nine subdomains can be wildcard domains. For example,
you can add one second-level domain, such as example.com
, and up to nine subdomains, such as www.example.com
, *.example.com
, mail.example.com
, user.pay.example.com
, and x.y.z.example.com
.
Extra domain package

If the number of domain names that you want to protect is greater than the default
number of domain names that can be protected by WAF, you must purchase an extra domain
package. If you do not purchase the extra domain package, some of your domain names
cannot be protected by WAF. For example, you add the second-level domain example.com
and its subdomains to WAF, but you do not purchase an extra domain package. In this
case, if you add another second-level domain, such as aliyun.com
, or subdomains of this second-level domain to WAF, the following message is sent
to you: The number of second-level domains reaches the upper limit. Upgrade WAF or
purchase an extra domain package to increase the quota.
- You can purchase extra domain packages when you purchase a WAF instance. For more information, see Purchase a WAF instance.
- You can purchase extra domain packages when you upgrade a WAF instance. For more information, see Renew and upgrade.