Skip to main content

Firewall issues

Top-level domain is blocked

In some companies the firewall blocks all domains ending with .cloud. This is probably because the firewall is configured to block all domains that are not on a whitelist. The .cloud top-level domain is relatively new and is not on the whitelist.

If you encounter this issue and you are not able to whitelist the .cloud top-level domain, we recommend that you setup and host a proxy server in your infrastructure. You can expose this proxy under your own domain like proxy.yourcompany.com. The proxy server can then forward all requests to the Space Blocks API *.spaceblocks.cloud domain.

Using NGINX as a proxy

One option is to use NGINX as a proxy. As configuration, you can use the following template. Make sure, to adjust it to the URL of your Space Blocks environment (e.g. https://foo.permissions.bar.spaceblocks.cloud).

nginx.conf
server {
    listen 80;
    listen [::]:80;

    location / {
        proxy_pass https://<SPACE_BLOCKS_ENVIRONMENT_URL>;
        proxy_set_header Host <SPACE_BLOCKS_ENVIRONMENT_URL>;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Forward all headers
        proxy_pass_request_headers on;
    }
}