Platform-Level Security for Internal Apps: Enforcing Trust with Wildcard Subdomains
Hey everyone,
I'm looking for some advice on a project I'm working on. I currently have two internal apps – Application One and Application Two – that are both set up with DNS CNAME records pointing to a Heroku Node app. My goal is to secure any subdomain under our main domain so that communication between these apps remains secure and seamless.
The idea is to secure all these apps at a platform level rather than individually, with each app only accepting requests from *.mydomain.com.
I did consider using Cloudflare tunnels to achieve this, but I'm not able to install the cloudflared tunnel on Heroku.
Specifically, I'm wondering:
Configuration: Are there any recommended settings or configurations within Cloudflare that help enforce secure communication between multiple internal apps?
Best Practices: Any insights or best practices on managing cross-app communication securely in this kind of setup would be greatly appreciated.
Thanks in advance for any pointers or shared experiences!