Skip to main content
Serving Obvlo content through your primary domain consolidates SEO authority and ensures a seamless user experience. This guide covers configuration for Cloudflare Workers, NGINX, Apache, IIS, and Caddy. A typical Obvlo content URL follows this pattern: 
https://content.obvlo.com/live/orgs/{orgId}/sites/{siteId}/live/

SEO benefits

  • Consolidated authority — link equity and domain authority accrue to your primary domain rather than being split across subdomains.
  • Consistent URLs — search engine crawlers index a single URL structure, eliminating duplicate content risks.
  • Improved engagement signals — a unified domain reduces bounce rates and increases session duration.
  • Simplified analytics — all traffic flows through one domain, making attribution straightforward.
  • Performance control — edge caching improves page speed, a direct ranking factor.

General principles

These principles apply regardless of which reverse proxy you use. Path-based proxying — configure your proxy to forward requests from a specific URL path (e.g. /travel-guides/) to your Obvlo content URL. Host header — the Host header sent to the Obvlo backend must be content.obvlo.com. Forwarded headers — include the following so the backend can identify the original client:
HeaderValue
X-Forwarded-ForClient IP address
X-Forwarded-ProtoOriginal protocol (http or https)
X-Forwarded-HostThe visitor’s requested domain
SSL/TLS — the connection between your proxy and the Obvlo backend must use HTTPS.
Cloudflare Workers run JavaScript at the edge. Cloudflare handles SSL certificate provisioning and renewal automatically — no origin servers, load balancers, or certificate managers required. Request flow: Visitor → Cloudflare Edge (SSL + Worker) → Obvlo CDN

Prerequisites

  • A Cloudflare account (free tier is sufficient)
  • Your domain’s DNS managed by Cloudflare (nameservers pointed to Cloudflare)
  • Your Obvlo content URL (provided during onboarding)

Setup

  1. Add your domain to Cloudflare. Update your domain registrar’s nameservers to the Cloudflare nameservers shown in the dashboard.
  2. Create a DNS A record. Point your domain to 192.0.2.1 (a dummy address — the Worker intercepts traffic before it reaches any origin). Set proxy status to enabled (orange cloud icon).
  3. Create the Worker. Go to Workers & Pages → Create → Create Worker, select “Start with Hello World!”, deploy, then click Edit Code and replace the contents with the worker code below.
  4. Configure routes. Go to your domain → Workers Routes → Add Route. Add routes for yourdomain.com/* and www.yourdomain.com/*, both pointing to your worker.
  5. Verify. Visit your domain — Obvlo content should load with your domain in the browser address bar. Check response headers for the cf-worker header to confirm the Worker is active.

Worker code

Replace ORIGIN_BASE with your actual Obvlo content URL. 
const ORIGIN_BASE =
  "https://content.obvlo.com/live/orgs/{orgId}/sites/{siteId}/live";

export default {
  async fetch(request) {
    const url = new URL(request.url);

    // Build origin URL, preserving path and query string
    const originUrl = ORIGIN_BASE + url.pathname + url.search;

    const originRequest = new Request(originUrl, {
      method: request.method,
      headers: request.headers,
      body: request.body,
      redirect: "follow",
    });

    // Override Host header for correct content delivery
    originRequest.headers.set("Host", "content.obvlo.com");
    originRequest.headers.set("X-Forwarded-Host", url.hostname);
    originRequest.headers.set("X-Forwarded-Proto", "https");

    const response = await fetch(originRequest);

    // Clone response to modify headers
    const modifiedResponse = new Response(response.body, response);

    // Remove upstream headers that leak origin details
    modifiedResponse.headers.delete("x-served-by");
    modifiedResponse.headers.delete("x-cache");

    return modifiedResponse;
  },
};

What this gives you

  • Automatic SSL certificate management — zero configuration
  • No servers or infrastructure to maintain
  • Edge execution with sub-millisecond cold starts globally
  • 100,000 free requests per day on the free tier
  • Built-in DDoS protection and CDN caching
If the Obvlo backend returns absolute URLs or redirects containing the origin domain, visitors may see content.obvlo.com leak through. Contact support@obvlo.com for an updated worker script that handles response body rewriting.

Web server configurations

Traditional web server setups require you to manage SSL certificates, server infrastructure, and updates yourself. For most use cases, the Cloudflare Workers approach above is simpler to operate.

NGINX

Add the following to your server block. Replace the placeholder paths with your actual Obvlo content URL. 
server {
    listen 443 ssl;
    server_name customer-domain.com;

    ssl_certificate /etc/nginx/ssl/customer-domain.com.crt;
    ssl_certificate_key /etc/nginx/ssl/customer-domain.com.key;

    location / {
        proxy_pass https://content.obvlo.com/live/orgs/{orgId}/sites/{siteId}/live/;
        proxy_set_header Host content.obvlo.com;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host $host;
        proxy_redirect off;

        proxy_connect_timeout 60s;
        proxy_send_timeout 60s;
        proxy_read_timeout 60s;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}
The trailing slash on both location and proxy_pass strips the location prefix and appends the remainder to the backend URL. The Host header must be content.obvlo.com.

Apache HTTP Server

Enable mod_proxy and mod_proxy_http, then configure your virtual host: 
<VirtualHost *:443>
    ServerName customer-domain.com
    SSLEngine on
    SSLCertificateFile /path/to/certificate.crt
    SSLCertificateKeyFile /path/to/private.key

    ProxyPass "/" "https://content.obvlo.com/live/orgs/{orgId}/sites/{siteId}/live/"
    ProxyPassReverse "/" "https://content.obvlo.com/live/orgs/{orgId}/sites/{siteId}/live/"

    ProxyPreserveHost Off
    RequestHeader set Host "content.obvlo.com"
    RequestHeader set X-Forwarded-Proto "https"
    RequestHeader set X-Forwarded-Host "customer-domain.com"
</VirtualHost>
ProxyPassReverse rewrites response Location headers so redirects use your domain. Set ProxyPreserveHost Off and explicitly set Host to content.obvlo.com.

IIS (Internet Information Services)

IIS requires the Application Request Routing (ARR) module and URL Rewrite module. On Azure App Service, these are pre-installed. Enable the proxy:
  1. Open IIS Manager and select your server in the Connections pane.
  2. Double-click Application Request Routing Cache.
  3. Click Server Proxy Settings and check Enable proxy.
web.config — place this in your site’s root directory: 
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <rule name="ObvloProxy" stopProcessing="true">
          <match url="(.*)" />
          <action type="Rewrite"
            url="https://content.obvlo.com/live/orgs/{orgId}/sites/{siteId}/live/{R:1}" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>
ARR automatically adds X-Forwarded-For, X-Forwarded-Proto, and X-Forwarded-Host headers. Proxy timeouts are configured in the ARR server-level settings.

Caddy

Caddy handles SSL automatically via Let’s Encrypt: 
customer-domain.com {
    reverse_proxy /* https://content.obvlo.com/live/orgs/{orgId}/sites/{siteId}/live/ {
        header_up Host content.obvlo.com
        header_up X-Forwarded-Host {host}
    }
}
Caddy automatically sets X-Forwarded-For and X-Forwarded-Proto.

CDN / edge providers

If you already use a CDN or edge platform, it can likely serve as your reverse proxy. The key requirements are the same across all providers: correct Host header, forwarded headers, and HTTPS to the origin.
ProviderNotes
CloudflareWorkers (see above) or Page Rules
Amazon CloudFrontOrigin configuration with custom headers
Google Cloud CDNURL maps with backend services
Azure Front DoorRouting rules with backend pools
FastlyVCL configuration or Compute@Edge
AkamaiProperty configuration with origin settings

Troubleshooting

Content not loading

  • Verify the Host header is set to content.obvlo.com — this is the most common configuration error.
  • Confirm the full Obvlo content URL is correct, including the trailing path.
  • Test the origin URL directly: 
    curl -I https://content.obvlo.com/live/orgs/{orgId}/sites/{siteId}/live/

SSL certificate errors

  • Cloudflare Workers — ensure DNS records are proxied (orange cloud icon). Cloudflare manages certificates automatically.
  • Web servers — verify certificate paths and renewal configuration (e.g. Certbot cron jobs).
  • CDN providers — check origin SSL settings match your backend configuration.

Cloudflare Worker not executing

  • Confirm the DNS A record has proxy status enabled (orange cloud, not grey).
  • Check Workers Routes — ensure the correct worker is assigned to your domain pattern.
  • Purge the Cloudflare cache: Caching → Configuration → Purge Everything.
  • Verify the worker was deployed by checking real-time logs in the Workers dashboard.

Origin domain leaking in responses

If absolute URLs in the response body reference content.obvlo.com, you need response body URL rewriting in your proxy. Contact support@obvlo.com for assistance.