Undocumented JAVA: Web Application: Deploy to the Cloud – Part 3

-

Introduction

Hope you have gone through the Part 1 and Part 2 of this series and now want to take your DNS to the next level. This is part we will be looking at how we will be taking or how we are going to route requests to our application via cloudflare and how cloudflare can be our DNS nameserver.

I also would like to tell everyone that I am not a network specialist. I have posted the facts as I have observed them as a web application developer. If there are misleading information, please feel free to comment them out or contact me. I will do me best to fix them.

Why Cloudflare?

I picked cloudflare as that was the cheapest option available for me. If you wish to do more research and looking for alternatives to cloudflare and feel free to checkout below links,
1. CloudFlare Alternatives and Competitors
2. 7 Top Cloudflare Alternatives For Your Website
3. alternative for cloudflare

What is Cloudflare?


"Company that provides a content delivery network, DDoS mitigation, Internet security services and distributed domain name server services, sitting between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites."

If you have gone through what is described on the Wikipedia, then it is what I am looking for. Cloudflare is a trusted network service provider. It is quite different from the DNS providers (like Godaddy, namecheap.com, etc...) or your traditional ISPs (AT & T, Comcast, Chartered... ). If you are new to this cloudflare I strongly recommend you to please visit Cloudflare Overview.

My shortest answer is, "Cloudflare is an intelligent network wrapper that controls and manges the network operations". You may call it as Venkat said it :)

How is it useful to me?

Hacker
If you think of how traditional DNS work is, have a simple human readable name match to an machine readable IP address (Internet Protocol Address). In this what we actually do is we are actually exposing the targeted IP address of our domain to everyone in the world. Which means, if you plan to host your application on your infrastructure, be it Home or Corporate or anything, you will have to share your public IP address to give the hackers idea about your network. Now, if the hacker can probe on to your network using your network infrastructure.
Large Corporations

Large corporations or banks, always isolate their public network from their private network and protect the infrastructure. They build something called bridges or network tunnels or even VPNs that actually take care of connectivity between them. To setup some network layers like that would need substantial cost and most small and medium sized companies actually hide behind some public cloud providers.


Cloudflare

If security mean anything to you please proceed or you don't have to worry about Cloudflare. It actually does not limit to security we can use cloudflare for

Get Into Action

Lets not waste time here. We shall get into action. Here is a quick recap of each parts,

Part 1: We deployed our spring boot application to the cloud.
Endpoint: https://hero-boot.herokuapp.com/greeting

Part 2: We attached the deployed application to our domain.
Endpoint: http://venkatvp.site/greeting

We shall be proceeding with an assumption that the above 2 are available for us.

Step 1

Lets sign-up to Cloudflare by visiting this link.



Step 2

Once you sign up you will be asked to add the DNS as shown in the below image.


Step 3

If you had multiple DNS records you may use the tool to auto import the DNS entries automatically or you may choose to import them manually. Since We are having only one entry in our example, I went with the option of importing it manually.




Step 4

We are not done yet. We will have to change our name servers on our DNS providers site to point to cloudflare's DNS server. This is a very important step and we need to be aware of the fact that after we update the name server from your primary DNS provider, you will not be able to manage it on the provider's interface. That is fine as the new DNS management tool will be done inside the DNS section of cloudflare.



Before you can make nameserver change here is how you see the current name servers.

$ host -t ns venkatvp.site
venkatvp.site name server dns2.registrar-servers.com.
venkatvp.site name server dns1.registrar-servers.com.

$ host venkatvp.site                      
venkatvp.site is an alias for venkatvp.site.herokudns.com.
venkatvp.site.herokudns.com has address 54.225.153.22
venkatvp.site.herokudns.com has address 50.17.234.140
venkatvp.site.herokudns.com has address 50.19.110.131
venkatvp.site.herokudns.com has address 23.23.171.5
venkatvp.site.herokudns.com has address 23.21.55.239
venkatvp.site.herokudns.com has address 50.19.252.69
venkatvp.site.herokudns.com has address 204.236.236.192
venkatvp.site.herokudns.com has address 23.23.215.144

Points to remember:

1. DNS Update may take upto 48 hrs
2. Look at the output of the host with the site name, it has the exact host name of your server. Basically if it was your corporate server you are exposing the host to the public Internet.


Conclusion

There is no more action required from our end. It all a waiting game to see if the name server gets updated and now all the traffic start going through cloudflare.

For the restless!

If you are restless like me and wish to verify if the cloudflare name server has your host covered you may directly use the name server and get the IP details.

This can be used to validate if your new name server has your host details. 

$ host venkatvp.site noah.ns.cloudflare.com                                                                                                    1 ↵
Using domain server:
Name: noah.ns.cloudflare.com
Address: 173.245.59.133#53
Aliases: 

venkatvp.site has address 104.24.96.181
venkatvp.site has address 104.24.97.181
venkatvp.site has IPv6 address 2400:cb00:2048:1::6818:60b5
venkatvp.site has IPv6 address 2400:cb00:2048:1::6818:61b5
$ host venkatvp.site ali.ns.cloudflare.com 
Using domain server:
Name: ali.ns.cloudflare.com
Address: 173.245.58.59#53
Aliases: 

venkatvp.site has address 104.24.97.181
venkatvp.site has address 104.24.96.181
venkatvp.site has IPv6 address 2400:cb00:2048:1::6818:60b5
venkatvp.site has IPv6 address 2400:cb00:2048:1::6818:61b5

Example of non cloudflare host.


$ host amazon.com ali.ns.cloudflare.com
Using domain server:
Name: ali.ns.cloudflare.com
Address: 173.245.58.59#53
Aliases: 

Host amazon.com not found: 5(REFUSED)






Comments

Post a Comment

Popular posts from this blog

Java SSL/TLS Testing Tool: Cipher Suite

-
Image
Recently I was reading about the TLS/SSL and Ciphers. I was also interested to read about the Ciphers that are provided out of the box with JDK. This looked to me like this is something we take it for granted and do not do our due diligence when talking about the Ciphers. We often times leave those topic to our organization's network and security team. From my experience, it is a topic that all the developers leave it to the Sr. Developers and then the Sr. Developers pass it on to the Management. Guess what? It is not a sweet topic to discussion. To break this kind of symptom, I have choose to make it simple and want everyone to understand the complexity and importance of knowing this. Lets get started Before we wet our hands here is some basic information that you will require to know, Word Meaning Protocol A defined set of rules and regulations that determine how data is transmitted in telecommunications and computer networking SSL
Read more

PWA: Building and publishing a PWA in 15ish minutes using Angular 5 and Service Worker

-
Image
Introduction Here is an express start to your first PWA with service workers and a 100% score from lighthouse. I have taken it as a challenge to be able to present it to you so that you may be able to put your first pwa "hello world" app in 15ish minutes. What is PWA? Progressive web apps (PWAs) take traditional web sites/applications — with all of the advantages the web brings — and add a number of features that give them many of the user experience advantages of native apps. This set of docs tells you all you need to know. - Source: https://developer.mozilla.org/en-US/Apps/Progressive If the above definition sounds interesting, then this is to get you kickstarted with PWA using Angular 5 and inspire you to build more PWAs. End of this post you should be able to build, host and publish a PWA and get motivated to read more about it. Ever since I read about PWAs It has intrested me like crazy. Before, you get excited about PWA, please look into the supported brow
Read more

Yarn and Angular-CLI

-
Background I have been thinking of a faster package management tool ever since I started using NPM (Node Package Manager). Please don’t mistake me having anything against NPM. I still love this package manager and I very much love the rich command-line that it came with. When it was created, it was really the leader and because of this NPM the whole JS world has seen a revolution. NPM surly was the spark to the revolution in the JS (Java Script) world. To make it clear for everyone why we needed a new package manager is because of the following challenges that we had with NPM, 1.      The Nested dependencies that was sometimes going in infinity loops. At times, it was impossible to delete files on the PC as the paths were too nested. 2.      Everything on the world had to depend on only one registry. https://www.npmjs.com/ 3.      Single threaded installation. The installation of the dependencies are single threaded. 4.      You are always expected to be online even i
Read more