Anyone who can guess your tunnel URL can access your local or private web service unless you protect it.
To enable HTTP Basic Auth provide --username and --password flags:
relay connect \
--username foo \
--password bar \
Accessing a URL now will prompt users for credentials.
Similarly to HTTP Basic Auth you can also specify token protection. Tokens are easier to pass around:
relay connect --subdomain landing --token <token>
Even though basic auth and token protection can prevent unwanted visitors to your websites, it is advisable to also enable SSL.
Encrypt communication to and from your website using HTTPS. It is important to encrypt as much web traffic as possible to prevent data theft and other tampering. This is a critical step toward building a safer, better Internet.
Traffic between an agent and the public service is always encrypted and encryption cannot be disabled.
There are several crypto options for tunnels:
Off is an option that disables encryption.
Flexible is a most common option for secure websites, testing and demo environments. It allows both HTTP and HTTPS traffic.
Full is an option that enforces HTTPS by redirecting all traffic from HTTP to HTTPS.
To create a tunnel with flexible encryption use --crypto flexible flag:
Now, if you go to tunnels page, you should see a CNAME specified next to your tunnel name such as 872e472d.cname.webrelay.io. Next, using your DNS provider add a CNAME record for local.example.com and point it to 872e472d.cname.webrelay.io.
Keep in mind that since we don’t have certificates for your domain, they won’t match (our certificate is for *.webrelay.io). If you have a TLS key and certificate, use TLS tunnel.
Webhook Relay regions:
default region is in Belgium (country can change without notice)
au - Sydney, Australia
us-west - Silicon Valley, US
When using ‘relay’ CLI
When using relay CLI, specify --region <region name> flag: