Adding Your First Site
This guide walks you through adding a website to Atomic Edge for WAF protection.
Prerequisites
Before adding your site, you’ll need:
- Your website’s domain name (e.g.,
example.com) - Your web server’s IP address
- Access to your domain’s DNS settings
Step-by-Step Guide
1. Create a New Site
- Click Sites in the left sidebar
- Click the New Site button
- Fill in the required information:
- Site URL: Your website’s domain (e.g.,
https://example.com) - Backend IP: Your web server’s IP address (e.g.,
192.168.1.100)
- Site URL: Your website’s domain (e.g.,
2. Whitelist Atomic Edge Endpoint IPs (CRITICAL)
⚠️ Important: Most web hosting providers use firewalls to block automated or suspicious traffic. Since Atomic Edge fetches content from your origin server on behalf of visitors, your hosting provider may block our requests, causing 502 errors for all your visitors.
You MUST whitelist the Atomic Edge endpoint IPs in your hosting control panel:
After creating your site, you’ll receive both IPv4 and IPv6 endpoint addresses. Add both to your hosting provider’s firewall whitelist:
Common Hosting Control Panels:
- cPanel/WHM: WHM → ConfigServer Security & Firewall → Quick Allow → Add both IPv4 and IPv6 addresses
- Plesk: Tools & Settings → IP Address Banning (Fail2Ban) → Trusted IP Addresses → Add both IPs
- DirectAdmin: Extra Features → CSF Firewall → csf.allow → Add both IPs
- Cloud Firewalls (AWS, DigitalOcean, etc.): Add inbound rules allowing HTTP (80) and HTTPS (443) from both endpoint IPs
What happens if you don’t whitelist?
- Your hosting provider may block Atomic Edge from fetching your site
- Visitors will see 502 Bad Gateway errors
- Your site will be inaccessible until IPs are whitelisted
💡 Tip: You can test backend connectivity in the Site edit page using the "Test" button next to your backend IP addresses. This will confirm whether Atomic Edge can reach your origin server.
3. Configure DNS
After whitelisting endpoint IPs, you need to point your domain to Atomic Edge. Atomic Edge provides both IPv4 and IPv6 addresses for dual-stack support.
- Log into your DNS provider (Cloudflare, GoDaddy, etc.)
- Update your domain’s A record (IPv4) to point to the IPv4 address provided by Atomic Edge
- If your endpoint supports IPv6 (most do), also add an AAAA record pointing to the IPv6 address
- Wait for DNS propagation (usually 5-60 minutes)
Example DNS Configuration:
- A Record:
example.com→203.0.113.100(IPv4 from Atomic Edge) - AAAA Record:
example.com→2001:db8::1(IPv6 from Atomic Edge, if provided)
Note: If you only have IPv4, you can skip the AAAA record. However, configuring both records ensures your site is accessible to all users, including those on IPv6-only networks.
4. Verify Configuration
Once DNS has propagated:
- Visit your website in a browser
- Check that your site loads correctly
- View the Analytics tab to confirm traffic is flowing through Atomic Edge
- Use the Test button in the General tab to verify backend connectivity
Common Issues
502 Bad Gateway errors
- Most Common Cause: Your hosting provider is blocking Atomic Edge endpoint IPs
- Fix: Whitelist both IPv4 and IPv6 endpoint addresses in your hosting control panel (see Step 2)
- How to verify: Use the "Test" button next to Backend IP fields in the Site edit page
- Note: This is the #1 issue users face – always whitelist endpoint IPs first
Site not loading after DNS change
- Wait longer for DNS propagation (can take up to 60 minutes)
- Check that the backend IP address is correct
- Verify your web server is running
- Confirm endpoint IPs are whitelisted in your hosting firewall
SSL/HTTPS errors
- Ensure your backend server has a valid SSL certificate
- Check SSL settings in the General tab
- Verify port 443 is open if using HTTPS backend
Connection timeout errors
- Backend server may be down or unreachable
- Firewall blocking Atomic Edge endpoint IPs (whitelist them!)
- Wrong backend IP address configured
- Backend server listening on wrong port (80 vs 443)
Next Steps
Once your site is added and working:
- Enable WAF protection in the WAF tab
- Configure access control in the Access Control tab
- Set up rate limiting to prevent abuse
Frequently Asked Questions
What do I need to add my site?
Prerequisites for setupYou need your website’s domain name, your web server’s IP address (origin), and access to your domain’s DNS settings to point the domain to Atomic Edge.
Why do I need to whitelist Atomic Edge IPs?
Prevent 502 errors from hosting firewallsMost hosting providers block automated traffic. Since Atomic Edge fetches content on behalf of visitors, your hosting firewall may block requests and cause 502 errors. Whitelist our endpoint IPs to prevent this.
How do I whitelist IPs in cPanel?
ConfigServer Security firewallIn WHM, go to ConfigServer Security & Firewall, then Quick Allow, and add both IPv4 and IPv6 endpoint addresses provided by Atomic Edge.
How do I test if my backend is reachable?
Use the Test buttonIn the Site edit page, click the Test button next to your backend IP addresses. This confirms whether Atomic Edge can reach your origin server through any firewalls.
Do I need both A and AAAA records?
IPv4 and IPv6 DNS configurationAt minimum, add an A record for IPv4. If your endpoint supports IPv6, also add an AAAA record. This ensures your site is accessible to all users including those on IPv6-only networks.
Why am I getting 502 Bad Gateway errors?
Most common cause and fixThe most common cause is your hosting provider blocking Atomic Edge endpoint IPs. Whitelist both IPv4 and IPv6 addresses in your hosting control panel firewall.
How long does DNS propagation take?
Typical propagation timesDNS changes typically propagate within 5-60 minutes. Use a low TTL (300 seconds) during setup to speed up changes. You can verify propagation using online DNS lookup tools.
What if my site doesn't load after DNS change?
Troubleshooting checklistCheck that DNS has propagated, verify the backend IP is correct, confirm your web server is running, and ensure Atomic Edge endpoint IPs are whitelisted in your hosting firewall.