Get started
We are having lots of fun on Discord. Come and join us!
Star on GitHub 45.1K Get started
Back

[SOLVED] Setup Custom Domains for domain name behind Cloudflare dns

  • 0
  • Flutter
  • Web
View on Discord
BugForce
16 Aug, 2023, 10:03

I have configured my domain name with Cloudflare DNS and obtained a free SSL certificate from Cloudflare. I've set up this domain as an endpoint in my Appwrite dashboard, and everything seems to be working fine. However, I keep encountering a warning message in my console whenever I run my app: 'Appwrite is using localStorage for session management. Increase your security by adding a custom domain as your API endpoint.' Should I be worried about this warning, and does it impact my security? Despite this, Appwrite doesn't seem to accept my domain name as a custom domain. What steps can I take to resolve this issue and properly configure my Appwrite endpoint with my domain?"

TL;DR
The user encountered a warning message saying Appwrite is using localStorage for session management and the need to add a custom domain as the API endpoint. The user is also facing difficulty in configuring their Appwrite endpoint with their domain. A solution is provided in the form of a link to the documentation on custom domains (https://appwrite.io/docs/custom-domains). Follow the instructions there to properly set up the custom domain and resolve the issue.
joeyouss
16 Aug, 2023, 13:36

Hi

joeyouss
16 Aug, 2023, 13:50

The warning suggests that using localStorage for session management isn't the most secure method when compared to using HTTP cookies with the HttpOnly attribute. When a session is stored in localStorage, it's accessible by any JavaScript running on your page, which can make it vulnerable to XSS attacks.

Appwrite prefers to use more secure methods for session management, like HTTP cookies. However, to set cookies from Appwrite to your frontend, both need to be on the same domain or subdomain. This isn't possible when you're not using a custom domain with Appwrite, so Appwrite falls back to using localStorage.

So, it is much better to use custom domain

Now for the second part of the question:

Custom Domain Setup: If you've already configured your domain with Appwrite, make sure you've set it up correctly. This includes updating the DNS records, ensuring SSL works properly, and configuring your Appwrite environment to use your custom domain.

CORS & Appwrite Console: In the Appwrite console, ensure that you've added your custom domain under the settings section to allow requests from your frontend domain.

We have details on this page about everything related to custom domains, can you please read them once? https://appwrite.io/docs/custom-domains

BugForce
16 Aug, 2023, 16:27

@joeyouss Hi there I believe there might be an issue with Cloudflare's service. I followed the custom domain configuration instructions precisely as outlined in the documentation you provided earlier. However, despite my endpoint URL functioning properly behind Cloudflare, the dashboard is still presenting an error message that reads: 'Domain verification for the requested domain has failed.'

BugForce
16 Aug, 2023, 18:20

Setup Custom Domains for domain name behind Cloudflare dns

Binyamin
17 Aug, 2023, 00:05

It might be due to the fact your server don't use SSL before <:cloudflare:1026272852900581496> Cloudflare. Check this: https://book.appread.io/post-installation#cloudflare-other-https-on-dns-level

BugForce
17 Aug, 2023, 18:14

@Binyamin Thanks that article helped me alot :appwritepeepo:

BugForce
17 Aug, 2023, 18:14

[SOLVED] Setup Custom Domains for domain name behind Cloudflare dns

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more