Preferred way to direct user's domain names to my web app? - iis

Background context: ASP.NET / IIS (not sure if it matters)
I have a web app at example.com, and a user of my app gets his own content page at an address like example.com/abc-trinkets. I would like to offer the user the ability to point his own registered domain at my web app so his content is accessed at abctrinkets.com. Initially looking on the order of 10-100 users with custom domains.
Ideally, I would like my user to just have a single hostname or IP address that he needs to know to configure properly with his registrar, and if I change the setup of my servers (different host, change addresses, load balancing, etc.) the user will not have to change his settings.
I have no trouble handling the requests once they hit my web app, but I am looking for input on the best way to set the routing up so requests actually come to my app/server. I would like a "catch-all" type of behavior that does not require me to individually configure anything for each domain a user might point to me.
I assume I will need some kind of layer between the address I give my user and my actual server ... is this like a managed DNS service or some other type of nameserver thing I would set up with my host? Is this something simple that should already be handled by a few simple settings on my webserver? I worry that I am making this more complicated than it needs to be.

Write a script that examines the Host header in the request. In your example, if it's abctrinkets.com, then you'd either redirect or forward the request to /abc-trinkets. You'd still need a database or something for mapping the domain names to the URLs; if you're going to allow arbitrary domain names for each user account, then there's no possible way to avoid that.

Related

Routing subdomains to certain applications in Azure Application Gateway?

I've been trying out Application Gateway, and have managed to get to the point where hosting 2 applications in different pools, albeit with same port is possible using the "host" header to choose where i intended to be directed.
However, what i actually intended to do was route subdomains to certain applications.
For example, my application gateway is "app-gw.example.com", and i have 2 Azure Functions sat behind that, for simplicity, func1.example.com and func2.example.com. (They actually have distinct domains themselves, not subdomains).
I would like to route "func1.app-gw.example.com"'s traffic to func1.example.com, and "func2.app-gw.example.com" to "func2.example.com".
However, i can't seem to figure this out. Can someone explain how this can be done?
I've had also some success hosting on different ports and using the listener + routes to direct to each individual site, but they should rather be on the same port, which rules this out.
I've also tried messing with URL Rewrites, but wasn't able to get something useful from that either.
EDIT: I think maybe i'm missing something here. Perhaps i need something that points the domain names to the application gateway, and then route on that? For example:
Site 1, reachable at func1.example.com may have an entry called "func1-gw.example.com", which actually just points to the application gateway, however, the application gateway now knows that it's really supposed to be going to "func1"?
Sounds like a DNS record pointing to the gateway may work, but then i wonder how to do the routing, hmm.
Thanks.
As you are already aware of Application Gateway multiple site hosting, you can enhance the Application Gateway to route the traffic based on the URLs.
Below references might help you configure the URL based routing.
URL Path Based Routing
Application Gateway redirection
Configure URL redirection on an application gateway

custom domain name per customer single page application

I want to give my customer the ability to create their own todos list app/web.
So, I thought they could register to my application, for instance:
http://mytodos-app.com/signup and provide all preferences such as theme, title, name...
Now i could use the url/router ability to get some unique identifier from the url and use the same app, but fetch data for each customer.
i.e: http://mytodos-app.com/todos/:someuniqeid
1) is it sounds ok? or are there better strategies for this scenario?
2) if it's ok, If I want to give them the ability to configure their own domain (like in shopify you get some dynamic domain yourname.shopify.com).
So, what is the most popular/professional way to do it? I want it to be easy to the customer. any suggestions?
Other than the "cool factor", there is no benefit to using actual customized sub-domains.
You can synthesize the behavior by:
In DNS, set up a wildcard CNAME entry for *.DOMAIN.com to point to www.DOMAIN.com, be sure to buy a matching wildcard ssl/tls certificate.
Configure the web server to respond to all hostnames.
After user registration. SANITIZE the username(or whatever identifier) value.
Set an authorization cookie with the domain=DOMAIN.com option to force it not to
be a host cookie.
Redirect to username.DOMAIN.com. Same server different name.
Check the cookie in the route to serve the correct pages. Just like
you would with any login.
If there is no cookie, use the host information to populate the
username portion of the login page, or display public todos?
Make sure any Javascript scripts hosted on the site and all internal links are loaded by relative addressing.
The technique is much safer than actually creating real subdomains.

Custom Domains for a Simple Web App

I've created a really simple databaseless php application that I want to offer as a hosted solution. I've enable wildcard subdomains so that users can sign up and create a subdomain (e.g. "user.myapp.com"). However, I would like to offer the ability for my users to use a custom domain as well if they prefer. I'm pretty sure this can be accomplished by asking the user to add an A Record to their custom domain pointing to my server's IP, but I'm not sure how to handle the domain on my end once they create an A Record pointing to my server's IP.
So, say a user signs up for my service under "user.myapp.com" and then they decide they want to use a custom domain "someuser.com" instead. My specific question is — once the user adds an A Record to their domain "someuser.com" pointing to my server's IP, how do I tell my server to point that domain to "user.myapp.com"? Or is there an easier way to do this?
You'd need to first setup your server to accept requests from someuser.com, which is entirely different than setting up a wildcard for your server alias (e.g. *.myapp.com). You can have a default vhost handle all the hostnames that no other vhost is setup to handle, but then you're still left with mapping someuser.com to user.myapp.com.
Depending on how you've setup your php application, the user's going to need to enter the custom domain they've registered that they had point to your app, then you'll need to know to do that mapping internally by checking the $_SERVER['HTTP_HOST'] server variable to see what host the request is for, and if it's for someuser.com, then map it to user.myapp.com.

Custom Subdomain with CNAME Problem

I am having a bit of a struggle grasping how to use custom domains with my app. Its the common case of having an app that assigns users to subdomains, ex. user.theapp.com and they want to use a CNAME so m.theirsite.com resolves to the application. It seems that most services that do this require you to tell them what your custom domain is, and that just adding a CNAME record doesn't work. Steps:
User creates an account.
We tell them they can make a CNAME entry to yourstuff.theapp.com (which is the current location).
This is my confusion. After 1&2 my custom domain still isnt working.. so once the client makes that CNAME record and provides us with "m.theirsite.com", what special magic do we do with it to make those sites "the same"?
Thank you in advance.
Our solution was to use PHP/MySQL to solve this. As normal, you should have the external domain/subdomain CNAME'd to your app, however as you will see, the CNAME entry doesn't need to be to the exact subdomain on the app. Next, you will build an area into your database where a user can tell you what external site they have CNAME'd from. At this point, you will perform most of your authentication on the website based on the HTTP host, either grabbing the subdomain and using it as a client, or checking if the HTTP host is in your list of CNAME's and then referencing the client from there.
What the CNAME does is just point to a server location, so if you are using wildcards in your apache configuration, foo.myapp.com resolves to the same location as bar.myapp.com, but in the app can use the host to pull out the subdomain and find the client ("foo" and "bar"). When using a CNAME, like m.mywebsite.com --cnamed--> foo.myapp.com, the application no longer has that client information in the HTTP host, and as we mentioned, the apache wildcard setup (*.myapp.com) just tosses out the subdomain.. so because of this the client must tell us "I will be visiting from m.mywebsite.com, so make that a valid host name for my authentication as well."

SaaS DNS Records Design

This question is an extension to previously answered question
How to give cname forward support to saas software
Sample sites -
client1.mysite.com
client2.mysite.com
...
clientN.mysite.com
Create affinity by say client[1-10].mysite.com to be forwarded to europe.mysite.com => IP address.
Another criteria is it should have little recourse to proxy, firewall and network changes. In essence the solution I am attempting is a Data Dependent Routing (based on URL, Login Information etc.).
However they all mean I have a token based authentication system to authenticate and then redirect the user to a new URL. I am afraid that can be a single point of failure and will need a seperate site from my core app to do such routing. Also its quite some refactoring to existing code. Another concenr is the solution also may not be entirely transparent to the end user as it will be a HTTP Redirect 301.
Keeping in mind that application can be served from Load Balanced Web Servers (IIS) with LB Switch and other Network appliances, I would greatly appreciate if someone can simplify and educate me how this should be designed.
Another resource I have been looking up is -
http://en.wikipedia.org/wiki/DNAME#DNAME_record
You could stick routing information into a cookie, so that the various intermediary systems can then detect that cookie and redirect the user accordingly without there being a single point of failure.
If the user forges a cookie of his own, he might get redirected to a server where he does not belong, but that server would then check whether the cookie is indeed valid, and prevent unauthorized access.

Resources