Docs

Changing Your Domain

Overview

If you need to change the domain associated with your WAF instance (for example, migrating from example.com to newsite.com), the process requires provisioning a new WAF for the new domain while keeping the old one active.

Due to how both the WAF and Heroku routing work, each WAF instance is tied to a single domain. A domain change is effectively a new WAF setup.

Note: If you are renaming your Heroku app (not changing your domain), see Changing Your Heroku App Name instead — that is a different process.

Before You Start

Make a note of any custom settings you have configured on your current WAF:

  • IP blocklist and allowlist entries
  • Path rules and allowlisted URLs
  • Caching settings
  • Any custom security headers

ExpeditedWAF will migrate your WAF rules to the new instance once it is set up.

Steps to Change Your Domain

1. Keep the Current WAF Active

Do not remove the existing WAF addon yet. Keeping it active prevents downtime while the new domain is being configured.

2. Add the New Domain in Heroku

In your Heroku app, navigate to Settings, scroll down to Domains, and add the new domain.

3. Update DNS for the New Domain

Log in to your DNS provider and create a CNAME record using the DNS target provided by Heroku for the new domain. This ensures the WAF detects that the domain is set up and ready.

4. Provision the New WAF

Run the following command to add a new WAF instance:

heroku addons:create expeditedwaf:basic --app [YourAppName]

5. Complete the New WAF Setup

In your Heroku app, navigate to Resources. You should now see two ExpeditedWAF instances listed. Click on the new instance to open the setup wizard and complete the standard WAF setup process for the new domain.

6. Remove the Old WAF

Once the new WAF is fully operational and DNS has propagated, you can remove the old WAF addon from your Heroku app’s Resources tab.

Post-Setup Tasks

  • WAF Rule Migration — If you want your existing WAF rules (blocklists, allowlists, path rules, etc.) moved to the new instance, contact support@expeditedsecurity.com and we’ll handle the migration for you.
  • Redirection — Add logic to your application to detect the Host header and redirect requests for the old domain to the new WAF domain. This ensures visitors and search engines are directed to the correct URL.

Need Help?

We’re happy to walk you through this process: