Imperva Cyber Community

communities_1.jpg
 View Only
Back to discussions
Expand all | Collapse all

Single Origin Web Server hosting multiple sites with different domains with a single public IP

  • 1.  Single Origin Web Server hosting multiple sites with different domains with a single public IP

    Posted 07-21-2023 03:20

    Hi,

    We have a customer that hosts multiple websites (different domains), on a single web server on a single DC with 1 public IP.

    How can Cloud WAF support this use case and onboard all the websites to Imperva Cloud WAF service?

    Thanks!


    #CloudWAF(formerlyIncapsula)

    ------------------------------
    Vasilis Panourgias
    Pre Sales Engineer
    ITWAY Hellas S.A.
    Halandri
    ------------------------------


  • 2.  RE: Single Origin Web Server hosting multiple sites with different domains with a single public IP

    Posted 07-21-2023 14:01

    Hi Vasilis.

    I was thinking in this enviroment, and it's similar with an scenario where the applications are hosted for example in different servers but are published by the same IP Public address (an AWS infraestructure without an elastic IP for each instance, just as an example)

    It's important to keep in mind that Cloud WAF it's the front face for application users or web portal users, it all depends on the way in which you manage your DNS records and populate it around the world, but if your web server system its able to handle requests that are originated from the IMPERVA IP's you shouldn't have problems onboarding this sites. I mean, it's not important that the all sites have been published with the same IP, Cloud WAF will addreess those requests to the origin server IP that you configure on the general configuration for the site (even when you start to onbarded the sites, the discovery procees should recognize the same IP for all the applications)

    Important to remember that the configuration on the web site settings needs to be similiar with your customer scenario (Single Server)

    Regards!



    ------------------------------
    Edson A. Perez Hernandez
    Data Warden S.A. de C.V. | Support Engineer | IDSC
    Mexico City
    ------------------------------

    Original Message


  • 3.  RE: Single Origin Web Server hosting multiple sites with different domains with a single public IP
    Best Answer

    Posted 07-21-2023 14:03
    Edited by John Thompson 01-15-2024 14:06

    Hi Vasilis,

    If the Origin has multiple sites on a single server then you can reuse the CNAME.

    Example:-

    • You want to onboard a site on Impverva (www.abc.com) after onboarding we will provide you a CNAME (qwert.x.incapdns.net).
    • The customer just needs to add a CNAME to their DNS server so that traffic for their site should travel through the Imperva network.

    If you have multiple websites on the same server and do not want to onboard on Imperva but still want your traffic via Imperva, and also do not want to repeat the above site onboarding steps, kindly reuse the provided CNAME at the DNS server.

    How DNS entries will look in this scenario:-

    www.abc.com CNAME 3600 qwert.x.incapdns.net

    www.xyz.com CNAME 3600 qwert.x.incapdns.net

    www.pqr.com CNAME 3600 qwert.x.incapdns.net

    Please refer to the doc for reference:-https://docs.imperva.com/bundle/cloud-application-security/page/more/cname-reuse.htm



    ------------------------------
    Ankit Sharma
    Cloud Security Engineer | Enterprise Services
    Imperva
    ------------------------------

    Original Message