I currently have an API setup at
http://public_static_IP:5000/api/parameters (POST requests).
I have bought a domain from NameCheap and hosted in GoDaddy, also added SSL from Cloudflare.
I have created a URL Redirect of a subdomain(http://www.web.domain.com) to http://public_static_IP:5000, which is a webpage and it is working fine.
I did the same with another subdomain(http://www.api.domain.com) to API endpoint which is an only POST request, so when I add all parameters and send a post request to this subdomain it is giving Method not allowed.
This is very important for us as users will always be using this API service and we don't want any downtime(sometimes ISP will be down), if ISP is down we want to temporarily route to some cloud service(AWS or Google Cloud) without asking users to change their base URL always.
Thanks in advance.
Related
How can we make sure all requests are routed through cloudflare seevers only?
I currently setup dns in cloudflare in proxy mode. I set a custom domain mapping on cloud run and pointed dns records for my custom domain to ghs.googlehost.com.
Wondering how to make sure the traffic is received only from cloudflare to avoid abuses.
Update
There is another question about origin pulls but the answer mentions its only possible through OAuth which is not in detail.
You cannot achieve your goal without inserting a proxy that you must build. Google Cloud authorization is OAuth. Cloudflare's servers do not implement OAuth authorization headers.
You should implement OAuth at your clients. However, that will provide for authorization but not selectively from Cloudflare.
We are going multi-region for our project and there is a need for us to use an Azure traffic manager to route traffic to each region. Our setup looks like below where our app gateway is exposed via a public IP which I used to configure on the Azure Traffic Manager.
My issue is when I hit the traffic manager URL it give me an SSL cert error, while if I hit the App gateway URL directly it works fine on HTTPS. Looking at the below error I know I need to configure the traffic manager certificate and my question is
Is this needs to be configured somewhere in the traffic manager? OR
DO we need to configure this in the application gateway and change the app gateway ingress in Kubernetes with and also use traffic manager certificate there?
• The traffic manager works at the DNS level, thus as the DNS records pointing to the traffic manager’s public URL aren’t setup correctly, you are getting this error when browsing the traffic manager’s URL. Also, when you are accessing the application gateway URLs independently, they are being accessed successfully as the URLs for the application gateways are hosted on the Azure DNS and independent public IPs are also allotted against their DNS records. Thus, appropriate DNS records to route the DNS access request for the traffic manager’s website need to be updated.
• Since you are using multi region setup in Azure with load balancing features, I am considering that your custom domain and its DNS records are setup in Azure itself. And the URLs for the application gateway are setup as separate endpoints in the form of subdomains in the custom DNS record setup itself. Thus, when you browse the application gateway URLs according to the custom domain URL setup, you can access the application page correctly. With respect to the traffic manager, you will need to create a CNAME record pointing from your custom domain to the ‘*.trafficmanager.net’ domain, while also creating a CNAME record pointing from your custom domain to your generic application gateway URLS.
• Once done, create A host records for each application gateway endpoint pointing to the public IP address assigned by Azure to them. After doing the above, your traffic manager URL should be able to route and redirect the application access requests correctly. For more information, please refer to the community discussion below which specifies the exact details relating to your problem: -
Azure Traffic Manager SSL Setup (not classic)
I bought a domain (xyz.com) from some domain provider.
I pointed its nameserver to Cloudflare to host dns.
I created an S3 bucket with name (xyz.com) and hosted my static website on it.
I added a CNAME record on cloudflare to point to the static website url of bucket.
Everything is working fine till here. (xyz.com) opens the static website hosted on S3 bucket.
Now I want to create (api.xyz.com) for AWS API Gateway custom domain.
I want API Gateway to trigger Lambda so that it computes and return back the result.
For above I added another CNAME record in cloudflare so that AWS ACM is able to issue me a certificate for (api.xyz.com). After few minutes ACM was able to issue me a certificate.
Now I added the custom domain in API Gateway and selected the above ACM certificate.
When I make http GET call to my api chrome shows:
This site can’t be reached
api.xyz.com’s server IP address could not be found.
DNS_PROBE_FINISHED_NXDOMAIN
How to fix this?
I am a beginner and maybe I am using some terms wrong. Please Ignore
Create a CNAME record to your api gateway and make sure you hit it using https
I want to host my API application in a separate server and route it through subdomain fo example api.example.com. My domain is hosted at HostGator. I have created a subdomain and redirect it to the API server by providing the IP address.
The application is written in Codeigniter for RestAPI. Whenever I call any API method by referring the subdomain it shows 404 error (api.example.com/myclass/myfunction), but if I access the same API using a direct link (192.0.2.1/myclass/myfunction) by providing the IP address of the server, it is returning correct result.
Please suggest any configuration change needed.
You can add A record on sub domain, if application is hosted on port 80.
You can simply add A RECORD as
192.0.2.1 api.example.com
You should have option to create DNS zone on hostgator.
My goal is to have an Azure App Service, served from a custom domain over HTTPS.
This app receives HTTPS POST requests and should log the remote IP in the process.
I usually get the remote IP address, the IP of the calling client, like this:
HttpRequest request = ...
var IP = request.HttpContext.Connection.RemoteIpAddress;
To have the app served over HTTPS for a custom domain I enabled an azure CDN endpoint.
Now the IP I record is for the CDN server not the calling client.
Is it possible to get the originating IP?
The requests in question are HTTPS POST so CDN caching shouldn't be an issue.
Does the Azure CDN add any headers that could contain such info?
Does adding an SSL cert directly to the App Service change anything?
By testing I've found that Azure CDN adds the X-Forwarded-For header with the client's real IP.
The only mention of this header I've found is in Azure CDN documentation mentioning the header as being reserved.
This article describes how Azure CDN works, and we could know that user request a file via CDN, if the edge servers in the POP do not have the file in their cache, the edge server requests the file from the origin. The user request does not be sent directly from client user to the origin, so as you seen, it records the IP of the edge server instead of the calling client.