How do I configure my DNS to work with the VGS Reverse Proxy?

The VGS reverse proxy sits in front of your API to help you securely retrieve and redirects traffic from third parties to a secure VGS vault. To configure this, VGS will provision a custom SSL certificate for you. Please follow the following steps:

  1. Add a DNS entry for us; here's a general outline of how to do this if you're using Godaddy: link
  2. Setup a CNAME on your side.

There are two recommended ways to set up the CNAME:

  • send all traffic through the proxy 
    1. In this case, VGS would provision an SSL certificate like `api.example.com` and
    2. you would then add a CNAME which configures this hostname to point at `api.live.verygoodproxy.com`.
    3. Then, VGS would set the destination host for the reverse proxy to something like `api-internal.example.com` which would be the API on your server so that your server can receive the redacted and encrypted records. 
  • send only sensitive traffic through the proxy 
    1. In this case VGS would provision an SSL cert like `secure.example.com` with a similar CNAME setup.
      1. You would then add a CNAME which configures this hostname to point at `api.live.verygoodproxy.com`.
      2. Then, VGS would set the destination host for the reverse proxy to something like `api-internal.example.com` which would be the api on your server so that your server can receive the redacted and encrypted records. 
    2. So whenever you need to secure traffic, configure that traffic to go to this hostname.
    3. For any traffic you do not explicitly send through the proxy, configure that traffic to post directly to your servers via your backend api (e.g. something like `api.example.com`).
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.