DNS Configuration (Reseller SaaS License)
This guide explains how to configure DNS for your WhautoChat Reseller SaaS deployment, enabling you and your clients to use custom domains and maximize security.
Why Use Cloudflare Pro?
As a reseller, we highly recommend using atleast Cloudflare Pro or higher. Cloudflare Pro provides advanced DNS-level security, a robust Web Application Firewall (WAF), rate limiting, and hides your server's real IP. These features are critical for protecting your customers and your own infrastructure from abuse and attacks.
- WAF is essential: Always enable Cloudflare's WAF for all your domains. It helps keep bad actors away and provides granular security controls.
- Reverse proxy: Cloudflare masks your server's true IP, making it harder for attackers to target your infrastructure directly.
- Enable Full SSL at your DNS provider (e.g., Cloudflare). This ensures all traffic from end users to Cloudflare is encrypted. In addition, SSL certificates (via Let's Encrypt) will be installed automatically on your server during the application installation step. This setup provides end-to-end encryption from your users to Cloudflare and from Cloudflare to your server.
Required DNS Records
Before installing WhautoChat, you must create the following 4 DNS records:
| Type | Name | Value (Points to) | Purpose |
|---|---|---|---|
| A | core.yourproduct.com | [Your Server Public IP] | Backend core API |
| A | ws.yourproduct.com | [Your Server Public IP] | Websocket server |
| A | app.yourproduct.com | [Your Server Public IP] | Main app for end users |
| A | live.yourproduct.com | [Your Server Public IP] | LiveChat for website visitors |
- Replace
[Your Server Public IP]with the actual IP address of your cloud instance.
Step 1: Choose Your Domain
- Decide on the domain or subdomain (e.g.,
chat.yourproduct.com) you want to use for your WhautoChat instance. - Register your domain with a reputable provider if you haven’t already.
Step 2: Update DNS Records
- Log in to your DNS provider’s dashboard (e.g., Cloudflare, GoDaddy, Namecheap, AWS Route 53).
- Create or update the records listed above.
Step 3: Propagate DNS Changes
- DNS changes can take up to 24 hours to propagate, but often update within an hour.
- Use tools like whatsmydns.net to check propagation.
Step 4: Enable SSL/TLS (Recommended)
- Enable TLS at the DNS provider level (e.g., Cloudflare Full SSL).
- SSL certificates for your domains will be automatically installed using Let's Encrypt during the application installation steps.
- This ensures all traffic to your WhautoChat instance is encrypted.
Step 5: Security Best Practices
- Use a reputable DNS provider with DDoS protection (e.g., Cloudflare Pro or higher).
- Always install rate limiting rules and a WAF on your domain.
- Enable DNSSEC if available.
- Regularly review and restrict DNS record access.
Optional: Advanced DNS Setup
- For multi-region or high-availability deployments, consider using DNS load balancing or failover features.
- Set up SPF, DKIM, and DMARC records if you plan to send emails from your domain.
Other WAF Options
While Cloudflare Pro is highly recommended for most users, there are other enterprise-grade Web Application Firewall (WAF) solutions available, including:
- AWS WAF (Amazon Web Services)
- Azure Web Application Firewall (Microsoft Azure)
- Google Cloud Armor (Google Cloud Platform)
- Imperva Cloud WAF
- Akamai Kona Site Defender
- F5 Silverline WAF
Choose the WAF that best fits your infrastructure and security requirements.
Need more help? Refer to your DNS provider’s documentation or contact your IT administrator.