Managing your Routes

Manage routes in the Dashboard

Routes Managements is a feature on Dashboard which allows to set Filters and secure the data in a variaty of flexible ways. VGS Routes let you:

Create, edit and delete routes

Create a Route from dashboard

To configure a basic route:

  1. Log into the VGS Dashboard.
  2. Navigate to Routes on the left side menu bar.
  3. Click Add new route (choose either inbound/outbound).  routes-management
  4. In the Routes Manage panel, provide name for your route. This will help you to manage and quickly identify your routes going forward.  routes-management
  5. In the Routes Manage panel, provide your Upstream Host.  routes-management
  6. Next, start creating filters: adding condition or the condition group.  routes-management
  7. Now specify the content type and fields to secure, and choose an operation that needs to be performed on that data - either redact or reveal.
  8. The last, choose storage value, alias format, and click Save.

The newly created route will appear on Routes list. Now, as you configured your route, go ahead and send a request and check it out on the Access Logger.

Alternative ways to create a Route

Edit a Route

  1. Locate the route to modify and click Manage button.
  2. In the Manage panel, enter the changes you’d like to make.
  3. Click Save.

Delete a Route

  1. Locate the route to modify and click Manage button.
  2. In the Manage panel, navigate to the bottom of the page, and click Delete route.

Setting the filter trigger order

To reorder filters:

  1. Locate the route to modify and click Manage button.
  2. Navigate to Filters section.
  3. Click Reorder buttom and set the filter order using drag-and-drop.
  4. Click Done to save reordering.
  5. Save the Route changes.  routes-management

IP whitelisting

IP whitelisting allows you to explicitly restrict access to specific IP addresses and/or CIDR notations for APIs. We highly recommend using this feature as an additional security protection. The feature is available for both Inbound and Outbound routes.

Enable IP whitelisting on a route:

  • Enter an IP or CIDR to match the IP address the request is made from. For example 172.16.254.1, 2001:db8:0:1234:0:567:8:1, 192.168.1.15/24. Multiple IP addresses could be added separated by comma
  • Click return
  • Save the route

 ip-whitelisting-outbound

How to configure multiple Inbound Routes (using CNAME)

In order to be able to configure multiple Inbound Routes and/or use a branded hostname instead of the default VGS one you should set up Custom Hostnames.

Requesting Custom Hostname provisioning:

  1. Create a CNAME pointing your address, for example secure.your-domain.com, to either sandbox.verygoodproxy.com or live.verygoodproxy.com.
  2. Contact Support at support@verygoodsecurity.com to request provisioning of a TLS certificate.

Dedicated TLS certificates are automatically generated and propagate through our global content delivery network, providing robust encryption, along with lightning fast performance and compatibility.

  1. Wait for support to confirm certificate provisioning.

Next, adjust your Inbound Routes settings:

  1. Go to Advanced options inside your Inbound Route and add this CNAME as a Host endpoint. Make sure you have provided valid regular expression. For example, it will be secure\.your-domain\.com.
  2. Mind, for each inbound route you will need unique CNAME. One CNAME shouldn’t be used for 2 inbound routes.

Note: each TLS certificate for Custom Hostname costs 40$ per month. Check our pricing page for more details.

If you have any questions, comments or feedback on this guide contact us on our site chat or at support@verygoodsecurity.com

Common routes configurations

Route filters support different operation types and could be flexibly set for different kinds of data.

Query parameter redact/reveal

To redact or reveal a query parameter data use a regex and set uri as a target. Check if the request was processed correctly in the Access Logger

Note: pathinfo filter won’t match the query parameters, that’s why a RegExp is used.

 queryparameters  queryparameters-logger

Headers redact/reveal

To work with headers set headers.{{headername}} target and ^(.*)$ JSON pathinfo.

 headers

PDF redact/reveal

Route editor supports work with PDF documents: upload the document and select the area which need to be redacted or revealed. Document coordinates will appear below the document and will be saved in the route config to process the data.

 pdf

Multiple fields redact/reveal

Multiple fields can be used in the same filter.

Note: make sure that selected storage type and transformer fit all defined fields inside of the same filter.

 muletiple fields