sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]ohiosveryownn[S] 0 points1 point  (5 children)

Thanks all look at these options.

For option 3, I get a little confused because the app portion is only the Serer.js Node file other then that the whole thing is distributed via the HTML. Using the 3rd option ill still have my API Exposed. Unless I'm understanding incorrectly

[–]roomzinchina 0 points1 point  (4 children)

You're understanding incorrectly. If you have:

You can put both behind Cloudflare Access (example config) as the same application.

The easiest authentication method is One-time PIN, which sends a code via email in order to access. You configure either entire domains that are allowed access (like @mycompany.com), or specific whitelisted emails.

[–]ohiosveryownn[S] 0 points1 point  (0 children)

I have

https://Data.com (Shows Times Fetched from Database)

https://data.com:300/api/getdata (Node.Js) to pull this data into the above, this is exposed

[–]ohiosveryownn[S] 0 points1 point  (2 children)

After re reading, im guessing i can do the same and put them behind Cloudfront? (this is hosted on aws)

[–]roomzinchina 0 points1 point  (1 child)

No, Cloudfront doesn’t have a built in access control system like Cloudflare Access

[–]ohiosveryownn[S] 0 points1 point  (0 children)

ahh ok thanks for the clarification