Undocumented JAVA: Web Application: Deploy to the Cloud – Part 3

Introduction

Hope you have gone through the Part 1 and Part 2 of this series and now want to take your DNS to the next level. This is part we will be looking at how we will be taking or how we are going to route requests to our application via cloudflare and how cloudflare can be our DNS nameserver.

I also would like to tell everyone that I am not a network specialist. I have posted the facts as I have observed them as a web application developer. If there are misleading information, please feel free to comment them out or contact me. I will do me best to fix them.

Why Cloudflare?

I picked cloudflare as that was the cheapest option available for me. If you wish to do more research and looking for alternatives to cloudflare and feel free to checkout below links,
1. CloudFlare Alternatives and Competitors
2. 7 Top Cloudflare Alternatives For Your Website
3. alternative for cloudflare

What is Cloudflare?


"Company that provides a content delivery network, DDoS mitigation, Internet security services and distributed domain name server services, sitting between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites."

If you have gone through what is described on the Wikipedia, then it is what I am looking for. Cloudflare is a trusted network service provider. It is quite different from the DNS providers (like Godaddy, namecheap.com, etc...) or your traditional ISPs (AT & T, Comcast, Chartered... ). If you are new to this cloudflare I strongly recommend you to please visit Cloudflare Overview.

My shortest answer is, "Cloudflare is an intelligent network wrapper that controls and manges the network operations". You may call it as Venkat said it :)

How is it useful to me?

Hacker
If you think of how traditional DNS work is, have a simple human readable name match to an machine readable IP address (Internet Protocol Address). In this what we actually do is we are actually exposing the targeted IP address of our domain to everyone in the world. Which means, if you plan to host your application on your infrastructure, be it Home or Corporate or anything, you will have to share your public IP address to give the hackers idea about your network. Now, if the hacker can probe on to your network using your network infrastructure.
Large Corporations

Large corporations or banks, always isolate their public network from their private network and protect the infrastructure. They build something called bridges or network tunnels or even VPNs that actually take care of connectivity between them. To setup some network layers like that would need substantial cost and most small and medium sized companies actually hide behind some public cloud providers.


Cloudflare

If security mean anything to you please proceed or you don't have to worry about Cloudflare. It actually does not limit to security we can use cloudflare for

Get Into Action

Lets not waste time here. We shall get into action. Here is a quick recap of each parts,

Part 1: We deployed our spring boot application to the cloud.
Endpoint: https://hero-boot.herokuapp.com/greeting

Part 2: We attached the deployed application to our domain.
Endpoint: http://venkatvp.site/greeting

We shall be proceeding with an assumption that the above 2 are available for us.

Step 1

Lets sign-up to Cloudflare by visiting this link.



Step 2

Once you sign up you will be asked to add the DNS as shown in the below image.


Step 3

If you had multiple DNS records you may use the tool to auto import the DNS entries automatically or you may choose to import them manually. Since We are having only one entry in our example, I went with the option of importing it manually.




Step 4

We are not done yet. We will have to change our name servers on our DNS providers site to point to cloudflare's DNS server. This is a very important step and we need to be aware of the fact that after we update the name server from your primary DNS provider, you will not be able to manage it on the provider's interface. That is fine as the new DNS management tool will be done inside the DNS section of cloudflare.



Before you can make nameserver change here is how you see the current name servers.

$ host -t ns venkatvp.site
venkatvp.site name server dns2.registrar-servers.com.
venkatvp.site name server dns1.registrar-servers.com.

$ host venkatvp.site                      
venkatvp.site is an alias for venkatvp.site.herokudns.com.
venkatvp.site.herokudns.com has address 54.225.153.22
venkatvp.site.herokudns.com has address 50.17.234.140
venkatvp.site.herokudns.com has address 50.19.110.131
venkatvp.site.herokudns.com has address 23.23.171.5
venkatvp.site.herokudns.com has address 23.21.55.239
venkatvp.site.herokudns.com has address 50.19.252.69
venkatvp.site.herokudns.com has address 204.236.236.192
venkatvp.site.herokudns.com has address 23.23.215.144

Points to remember:

1. DNS Update may take upto 48 hrs
2. Look at the output of the host with the site name, it has the exact host name of your server. Basically if it was your corporate server you are exposing the host to the public Internet.


Conclusion

There is no more action required from our end. It all a waiting game to see if the name server gets updated and now all the traffic start going through cloudflare.

For the restless!

If you are restless like me and wish to verify if the cloudflare name server has your host covered you may directly use the name server and get the IP details.

This can be used to validate if your new name server has your host details.

$ host venkatvp.site noah.ns.cloudflare.com                                                                                                    1 ↵
Using domain server:
Name: noah.ns.cloudflare.com
Address: 173.245.59.133#53
Aliases: 

venkatvp.site has address 104.24.96.181
venkatvp.site has address 104.24.97.181
venkatvp.site has IPv6 address 2400:cb00:2048:1::6818:60b5
venkatvp.site has IPv6 address 2400:cb00:2048:1::6818:61b5
$ host venkatvp.site ali.ns.cloudflare.com 
Using domain server:
Name: ali.ns.cloudflare.com
Address: 173.245.58.59#53
Aliases: 

venkatvp.site has address 104.24.97.181
venkatvp.site has address 104.24.96.181
venkatvp.site has IPv6 address 2400:cb00:2048:1::6818:60b5
venkatvp.site has IPv6 address 2400:cb00:2048:1::6818:61b5

Example of non cloudflare host.


$ host amazon.com ali.ns.cloudflare.com
Using domain server:
Name: ali.ns.cloudflare.com
Address: 173.245.58.59#53
Aliases: 

Host amazon.com not found: 5(REFUSED)






Comments

Popular posts from this blog

Java SSL/TLS Testing Tool: Cipher Suite

Developing Spring Boot Application using Docker - Part 1

Undocumented JAVA: Web Application: Deploy to the Cloud – Part 1