5 min read
Overview
Domain masking or URL masking is the act of disguising the actual domain name of a web resource in favor of another domain name. This article will demonstrate how to set up domain masking on an Ethereum endpoint with QuickNode. Although we will use an Ethereum endpoint in this guide, all steps in the guide are valid for other blockchains (i.e., Solana, Arbitrum, Polygon) as well.
What You Will Need
- A domain name you own
- A QuickNode account to get your endpoint
- A terminal (also known as command line)
- Basic understanding of DNS
The Domain Masking security feature is only available to users on the Growth plan or above.
About Domain Masking
To better understand domain masking, let us go over an example: Say you manage a crypto project and offer a free public endpoint to your users for accessing the blockchain. The domain name for your blockchain endpoint is probably generated by your infrastructure provider and is not branded to your crypto project. You can leverage domain masking to point users to your branded domain name, one that closely represents your project, while still accessing the infrastructure providers' resources. You can also use domain masking to shorten a domain name that's otherwise lengthy and doesn't provide the best user experience.
Drawbacks of Domain Masking
Your actual domain name (a.k.a. infrastructure provider domain name) will not be private. For example, if you ping a masked domain name (a.k.a your branded domain name), you'll see the actual domain name and IP being accessed. Also, keep in mind that because your original domain name can still be accessed, it results in two locations from which your users can access the resources.
Editing Your Domain's DNS Settings
The goal of this section is to modify your domain's DNS settings to include your QuickNode endpoint. We will be masking the infrastructure provider node's domain name (i.e., indulgent-withered-frost.quiknode.pro) to our own domain (i.e., node.friendlynode.xyz).
First, retrieve the HTTP URL for your Ethereum endpoint located on the Get Started tab. You will need this URL when adding a CNAME record to your domain name. If you don't have an Ethereum endpoint already, you can create one quickly by signing up for a QuickNode account here.
Next, head over to your domain provider's management portal and navigate to the DNS settings page. You'll need to create a Canonical Name (CNAME) record so you can alias your QuickNode HTTP URL. Since there are several different domain providers, here are a few links to some that show you how to add a CNAME record to your domain:
Generally, you'll need the following items when adding a CNAME record:
Field | Value | Description |
---|---|---|
Hostname | <subdomain>.<your-domain>.<top-level-domain> | Domain name you'll use to mask your QuickNode endpoint (e.g., node.friendlynode.xyz) |
Type | CNAME | Type of DNS record |
TTL | 3600 seconds (1 hour) | Timer in seconds or hours |
Data | <your-quicknode-url-without-http-schema-and-security-token> | Your QuickNode endpoint (e.g., indulgent-withered-frost.quiknode.pro) |
Note that the data field should only include your QuickNode endpoint name (without the HTTP schema and security token). For example, if your complete endpoint URL is https://indulgent-withered-frost.quiknode.pro/XX-Security-Token-XX/, you would only use indulgent-withered-frost.quiknode.pro
.
It's also important to note that if you use your main domain name for your website, you cannot use it as a masked domain name. You will need to add a subdomain in front of your main domain. In our example, our main domain is friendlynode.xyz, and we're adding the subdomain node in front of it (i.e., node.friendlynode.xyz).
Verify Domain's DNS Settings
You may have to wait until your changes propagate after creating the CNAME record. In this step, we will demonstrate how to check if you set up your CNAME record correctly.
Open your terminal window and make a simple nslookup request to check that CNAME record is set up correctly. To do this, replace the <MASK_DOMAIN_URL>
placeholder in the nslookup request below with the domain of the CNAME record you just created and hit enter.
nslookup -type=CNAME <MASK_DOMAIN_URL>
The terminal output should be similar to the one below.
$ nslookup -type=CNAME node.friendlynode.xyz
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
node.friendlynode.xyz canonical name = indulgent-withered-frost.quiknode.pro.
Authoritative answers can be found from:
Pay attention to the line: node.friendlynode.xyz canonical name = indulgent-withered-frost.quiknode.pro
. This line tells you your branded domain is pointed to the Ethereum endpoint's domain. It's important that you make sure your CNAME record is configured properly before moving onto the next step.
Setup Domain Masking on Ethereum Endpoint
Go to the Domain Masks section within the Security tab on your Ethereum endpoint.
After enabling Domain Masks, type in the domain you will use to mask your current QuickNode HTTP URL, and then click Add. Once added, you will see your domain name listed in the table.
Verify Domain Masking
We can make a quick CURL request to check that our domain masking is working correctly. Replace the <YOUR_BRANDED_DOMAIN>
placeholder in the CURL request below with the domain of the CNAME record you just created and <TOKEN>
with the security token of your endpoint.
curl https://<YOUR_BRANDED_DOMAIN>/<TOKEN>/ \
-X POST \
-H "Content-Type: application/json" \
--data '{"method":"eth_blockNumber","params":[],"id":1,"jsonrpc":"2.0"}'
For example:
curl https://node.friendlynode.xyz/f9423689a999768efe6260f3a509f314bd2713b6/ \
-X POST \
-H "Content-Type: application/json" \
--data '{"method":"eth_blockNumber","params":[],"id":1,"jsonrpc":"2.0"}'
Additional Resources
For further information on enhancing your endpoint security, consider exploring the following guides. These resources provide valuable insights and best practices for securing your QuickNode endpoints.
- How to Protect Your Endpoint - Front End Best Practices
- How to Implement JSON Web Tokens (JWT) Authorization with QuickNode
- How to Secure Your Endpoint Using Endpoint Armor
- How to Set Up Multi-Token Authentication on QuickNode
- How to Set Up Referrer Whitelist with QuickNode
Conclusion
There you have it, we just domain masked our Ethereum endpoint URL with another domain name. Pretty cool, right? If you want to learn about other features we offer at QuickNode, check out our guides page. You can always reach out to us if you have a feature request or need help.
Subscribe to our newsletter for more articles and guides on Ethereum. If you have any feedback, feel free to reach out to us via Twitter. You can always chat with us on our Discord community server, featuring some of the coolest developers you'll ever meet :)
We ❤️ Feedback!
Let us know if you have any feedback or requests for new topics. We'd love to hear from you.