I’ve written before about how Apigee’s security is NOT Default Deny. In a similar thread of thought, I was recently speaking with an Apigee Architect who pointed out that it’s good idea to setup a Catch All Proxy in order to hide default error message information and help prevent search bots from indexing those error messages.
It’s really quick to setup and and can actually help out your end users by having the catch-all proxy redirect them back to your Developer Portal.
To do this:
1. Create a new proxy, + Proxy.
2. Select No Target
3. Give it a Proxy Name, and Description, but make the Proxy Base Path is set to /. Apigee’s url matching system is really smart and it will select the best match for each incoming url. This pattern will be the last to match, making it the ‘catch all’.
4. Everything about this is going to be very barebones. So, make it Pass through (none).
5. Set it up for all your endpoints.
6. And then Build it for Dev (or whatever your non-Prod environment is). Don’t worry about the Proxy Name, I needed to remake this picture.
7. Once it’s Built and Deployed, navigate over to the Develop tab of the new proxy.
8. In your proxy, you’re going to have only 1 policy and that policy will redirect traffic over to your Developer Portal.
9. To set this up, use a RaiseFault Policy and set the fault response to look like this:
10. Make sure you added the new DevPortal-Response policy into your PreFlow Proxy Endpoint as shown in Step 8.
11. Open up a browser and give it a spin using your Dev endpoint. Of course, test out some of your other API Proxies to make everything still works as you expect. Once everything looks good, promote it on up the environment stack.
That’s it! It take less than 10 minutes.
0 comments:
Post a Comment