PHP code to check if a domain is enrolled in Incapsula WAF

Incapsula is a WAF service from Imperva. The company that I currently work for, is one of their biggest customers. We use Incapsula to protect our public websites. Recently I had an opportunity to work on developing a single page app that can show us the live status of the domain enrollment so that we can be sure that all domains are protected at every time.

The following is code snippet checks the DNS record (CNAME) of the domain to make sure it reports incapsula DNS.

function getCNAME($domain, $level = 0)
        $result = dns_get_record($domain, DNS_CNAME);
        if (isset($result[0])) {
            $target = $result[0]['target'];
            if (strpos($target, '') !== false) {
                return true;
            } else {
                if ($level === 1) {
                    return false;
                } else {
                    // If this again returns a domain that we own
                    return getCNAME($target, 1);


    function isEnrolled($domain)
        $return['status'] = getCNAME($domain, 0);

        return $return;

The second function is not really necessary, and I had some additional code in that function to return some additional data which I removed for posting here. But I’ll leave that as it is and leave you to customize it as per your need.

To check a domain, simply call the function

$return = isEnrolled('');
if ($return['status'] === 1 ) {
 echo 'Enrolled';
 echo 'Not enrolled';

Leave a Reply

Your email address will not be published.