How It Works
How It Works
Blistering fast speeds. A global node network.
How Qloaked SSL at the edge works like magic.
Qloaked uses a globally-distributed reverse proxy service to monitor unsecure traffic and issue SSL certificates at the edge. The Qloaked network is high-uptime, high-redundancy and low-latency, seamlessly connecting thousands of requests a minute.
When Qloaked detects insecure traffic flowing through the network, it automatically resolves the host to an origin server. After passing a series of security checks, Qloaked begins the process of issuing an SSL certificate to secure traffic between the host and the origin server, seamlessly switching HTTP traffic to HTTPS once the process is completed.
Once traffic is secured, Qloaked clients can manage the SSL certificates issued to their origin via the Qloaked backend, removing or editing domains as required. Custom headers may also be appended to traffic, while Qloaked manages regular (90-day) certificate rotation to ensuring bleeding-edge security compliance.
Benefits
For Qloaked customers, handling SSL certificates at the edge typically results in a number of benefits:
- Reduced development costs: Building SSL integrations is a painful process, especially when it’s rarely integral to the core business of a software company. Outsourcing SSL management typically saves 40-60 hours of development time, excluding ongoing maintenance costs.
- Reduced maintenance costs: Qloaked monitors your domain and SSL provisioning and resolves problems automatically so your team can focus on the product.
- Increased security: Handling SSL certificates is a security liability small companies can live without. Qloaked’s globally-distributed software takes the hassle out of SSL management, by maintaining all certificates and keeping them up-to-date automatically.
- Increased scalability: Whether 10 or 100 domains, Qloaked stands ready to assist your business. We work with companies around the world, routing traffic through thousands of secure connections and ready to scale without so much as the press of a button.
- Lightning-fast deployment: Our clients typically start routing traffic through their first domains within an hour or signup. Transitioning users is a breeze, thanks to Qloaked’s unique detection capabilities at the edge.
Technical FAQs
Have a question not covered here? Reach out to sales@qloaked.com.
Modern browsers alert the user when they’re on a website that doesn’t have SSL configured. In Chrome they will see a “Not secured” message – this is not good for you, your customer or your customer’s users. Search engines penalize non-secure content.
With an SSL/HTTPS connection in place, the data being transferred is encrypted so that other services/servers and bad actors can’t read the data in transit – protecting the communication between your customer’s users and your service.
Yes, as long as the domain owner adds a DNS entry pointing to the service. We are currently still working to provide support for apex domains.
Yes, as part of signing up we will ask you to point a CNAME at our service e.g. secure-hosting.yourdomain.com to a Qloaked domain. The secure-hosting.yourdomain.com is what your clients will use and add to their DNS.
If you are unhappy with the service you can easily transition away from Qloaked by pointing the DNS back towards your own servers.
At present, we are located on the US West Coast and the EU, with further clusters coming online over the coming weeks (Asia, Middle East and South America).
Qloaked will automatically renew and manage the SSL certificates.
Typically a couple of seconds.
As long as your origin site where we send the traffic to is running on https, Qloaked will have end to end encryption.
No – While Qloaked is provisioning the service we’ll send the traffic as http and then transition to https once the SSL certificate is in place.
Typically they’d have to generate a SSL certificate request, pay a third party to verify it. Then install the SSL certificate on a server as a reverse proxy or a CDN to run in front of your service. Every year or two they’d have to go through that process again when the SSL certificate expired.
We charge overage if your domains require higher bandwidth than the limits stated in our plans.