Proxying LogRocket, Sentry, Datadog RUM
Hello team!
We're looking to proxy LogRocket, Sentry and Datadog RUM requests from our frontend through our domain (hosted on Cloudflare). This is to help prevent adblockers or firewalls from blocking this traffic.
Do you have any prepared guidance on how others have done this?
We are currently using a CNAME proxy for LogRocket and got a "Error 1014 - CNAME Cross-User Ban" when trying to proxy traffic to their CDN (since it is Cloudflare). Is CNAME proxying advised?
1 Reply
You could use a worker, I see someone already built something kinda like this for sentry: https://gist.github.com/timfish/a69dd7457b8d6d97c0a8018675be6c23
You're not going to be able to just point CNAMEs at them unless they specifically support Custom Domains, for the reasons of:
Most websites are setup to only respond to specific host headers, your cname would have your own site in the host header (
sentryproxy.yourdomain.com), and thus be refused
SSL/TLS wouldn't be setup for it and would fail
If they're using Cloudflare, all the same and they have to specifically configure their domain to accept your custom domain (ex: by using CF For SaaS).
So, if they want to support CNAMEing/Custom domains, they could, otherwise you'd have to do something more manual like with Workers, forwarding the request. It'd have Cloudflare IPs too if they use the sender IPs, unless they support reading the client ip from a custom header you can pass like X-Forwarded-For.
So it really depends on how much the tool supports Custom Domains like that. Worst case, you may have to proxy serving the library and patch it to submit events via your worker.Gist
Sentry Cloudflare Workers Proxy - Makes JavaScript and event submis...
Sentry Cloudflare Workers Proxy - Makes JavaScript and event submission first-party! - README.md