What Should I Do If the DNS Status Is Unconfigured?

If DNS is Unconfigured, domain name resolution fails, that is, the domain name is not connected to WAF. In this case, perform the following steps to connect the domain name again:

  • If a proxy such as CDN or AAD is used, you need to configure the back-to-source IP address, subdomain name, and TXT record. Figure 1 shows an example.

    **Figure 1** Connecting a domain name

    Figure 1 Connecting a domain name

    1. Configure the back-to-source IP address of the proxy on the website.

      For example, change the back-to-source IP address of CDN or AAD to the WAF IP address by following the instructions shown in Figure 1.

    2. Configure Subdomain Name and TXT Record.

      Add a subdomain name and TXT record to the DNS records of your DNS provider by following the instructions shown in Figure 1.

    Important

    The high availability of our system, which is based on multi-AZ deployments to support both active-active and disaster recovery, relies on the WAF CNAME record.

  • If no proxy is used, the CNAME record must be configured. Figure 2 shows an example.

    **Figure 2** Connecting a domain name (CNAME record)

    Figure 2 Connecting a domain name (CNAME record)

    1. Go to your DNS provider and configure the CNAME record. For details, contact your DNS provider.

      Important

      The high availability of our system, which is based on multi-AZ deployments to support both active-active and disaster recovery, relies on the WAF CNAME record. Therefore,

      1. Do not modify the hosts file. Add the CNAME record directly to the DNS records of your DNS provider.

      2. Do not use the A record to replace the CNAME record.

      The CNAME binding method of some common DNS providers is listed for your reference. If the following configuration is inconsistent with the actual configuration, rely on information provided by the DNS providers.

      1. Log in to the management console of the DNS provider.

      2. Go to the domain resolution record page.

      3. Set the CNAME resolution record.

        • Set the record type to CNAME.

        • Generally, enter the domain name prefix in the host record. For example, if the protected domain name is admin.demo.com, enter admin in the host record.

        • The record value is the CNAME generated by WAF.

        • Resolution line: keep the default value TTL.

      4. Click Save.

      Important

      The preceding resolution methods are provided by third parties. This document does not control or assume responsibility for any third party content, including but not limited to its accuracy, compatibility, reliability, availability, legitimacy, appropriateness, performance, non-infringement, or status update, unless otherwise specified in this document.

    2. Verify that the CNAME has been configured.

      1. In Windows, choose Start > Run. Then enter cmd and press Enter.

      2. Run the following command to query the CNAME. If the configured CNAME is displayed, the configuration is successful.

        nslookup www.domain.com

last updated: 2024-04-24 00:03