Jump to content

Best practice for networking configuration


Recommended Posts

I have a few questions that would fall under best practices for networking.

 

Should/Can passwordstate be exposed to the internet?

If so, is it best practice to put it behind a reverse proxy?

 

For setting up DNS for HA, should passwordstate be given a parent multi-record CNAME that resolves to both machines` hostnames?

Link to comment
Share on other sites

Hi Joseph,

 

We always say to perform your own risk assessment if exposing Passwordstate on the internet, but I guess that is what this forum post is all about.  If any other members would like to share their experiences with this, please feel free to comment!.

 

This blog post will help set up Passwordstate to be accessed from the internet:  https://www.clickstudios.com.au/blog/protecting-your-passwordstate-website-when-exposing-it-to-the-internet/#:~:text=Protecting your Passwordstate Website when exposing it to the Internet,-May 7%2C 2020&text=Whilst Click Studios provides and,provide CA-signed SSL Certificates.

 

We don't have any experience with reverse proxies, although we do know if not configured properly you will have issues accessing your site, and certain features.  Hopefully there is a reverse proxy expert out there that can advise with this.

 

If you have HA, generally what we see is people using a load balancer to offload the session tot he appropriate web server.  We've never configured DNS in the way you have mentioned, so unfortunately we cannot comment on that either sorry.  In our experience, you'd either have 2 separate URLs, or a load balancer in front of both websites, with a single DNS entry set on the load balancer.

 

Regards,

Support

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...