Can a VPN be added to Cloudflare Workers for API security?
Hey!
I am currently using Cloudflare Workers for my API but I am concerned about the security of my data. While Cloudflare Workers offer features like HTTPS encryption, I am wondering if it's possible to add a VPN to Cloudflare Workers to add an extra layer of security to my API.
Has anyone attempted this before? If so, what was your experience like and how did you go about implementing this solution? If it's not possible to use a VPN with Cloudflare Workers, what other options do I have to improve the security of my API?
I would greatly appreciate any advice or suggestions that you may have on this topic. Thank you in advance for your help!
6 Replies
A VPN is not something you can use. mTLS would be your option for added security between the two clients.
https://developers.cloudflare.com/workers/runtime-apis/mtls/
oh i see, i ll check it out
thanks!
does it use ipsec?
mTLS makes both sides of the connection present/validate a certificate, so both sides prove their identity. It's just normal https other then that.
What is your concern here? You want to ensure your data is encrypted? Or are you talking about authorization, making sure only your servers/services can connect to your API?
The thing is that we are using a payment platform that require us to use vpn for production
Does cloudflare has vpc configuration?
your payment platform requires you to use a vpn to connect to their services?
CF Workers just do http (for now), no vpc or internal stuff (other then service bindings to other workers/cf services). If the payment platform you are using requires you to use a tunnel or special way to connect to them that isn't over http, you'll need to have an external service that your worker connects to.
If you're using any modern payment provider though, they shouldn't require anything like that. There is examples of using Workers with Stripe and such you can find on github
Sadly is a mexican provider and their tecnology is a little bit rustic 😅