Website Migration Notice: SafePoint is now operated by CyberServal.Learn more β†’
DiscussionSLA
Sign inSign up

SafeLine WAF β€” Dynamic DNS Resolution for Upstreams

Published 7 days ago

# SafeLine WAF
# πŸ’‘ feature
# πŸ–₯️ ui
# πŸ’ͺ improve

Published 7 days ago

profile_photo

VΔƒn Kiệt

Updated 7 days ago

0

Feature request: expose Tengine's dynamic_resolve for upstreams
We use upstreams defined by domain names, and their IPs change frequently due to DNS-based failover. Currently, upstream domains are resolved only at configuration load/reload time, so traffic keeps going to
stale IPs until a manual reload is performed β€” which effectively breaks DNS-based failover.
Since SafeLine is built on Tengine, could you expose Tengine's built-in ngx_http_upstream_dynamic_module? e.g.:

upstream backend_xx {
dynamic_resolve fallback=stale fail_timeout=30s;
server app.example.com:443;
}

This would let upstream IPs update automatically at runtime without reloads, with fallback=stale falling back to the previously resolved IPs if DNS resolution temporarily fails.
Ideally this could be a UI option (per-site toggle + resolver setting) or supported via a custom upstream snippet.

Related Posts
#
Export Translation
#
Getting free certificates takes long time and fails also.
#
False positive JA4
#
Need AS Number
#
Issue with iframe not showing.