Widemesh Endpoints

Widemesh Endpoints route Internet traffic to one or more of your services across stacks.

There are two types of endpoints:

  • Custom Domains
  • Platform Aliases

Custom Domains

Custom Domain Endpoints help route traffic from a custom domain to services in your stacks.

Widemesh provides instructions to change DNS records in your custom domain registrar. A TLS certificate is automatically requested and provisioned via Let’s Encrypt to serve HTTPS traffic.

To create a custom endpoint for a domain(e.g, app.example.com):

mesh endpoint create app.example.com

Publishing Services

Once your endpoint is ready, you can route traffic to your workloads by publishing your services.

To learn more about service publishing, please refer to Web Services.


Each Widemesh Rack hosting your app features a proxy to load balance requests to your service instances.

With each request to one of your Web Services, the proxy injects the following standard Headers:


Client and Proxy List: This is a comma-separated list comprising the client that originated the request and the proxy servers the request passed through.

MDN has full documentation for this header.

Most of the time, you’re only interested in the leftmost IP of the list. To save you time parsing this header, we provide X-Real-Ip.


Original client IP Address: Unlike X-Forwarded-For, this header always contains a single IP Address, the actual client IP Address.


Original client protocol: The protocol which the client used to make the request. Either http or https. This header is equivalent to X-Scheme.


Original connection port: Helps you identify the destination port that the client used to connect to the Rack proxy.


Original connection host: Original host requested by the client in the Host HTTP request header.


Trace Request ID: the Widemesh proxy-generated unique request ID for every incoming HTTP request that it receives.

Platform Aliases

A platform alias routes traffic from a sub-domain under our platform domain at widemesh.dev directly to your services.

Platform aliases endpoints are automatically created with your environment and configured with a TLS certificate ready to serve HTTPS traffic; all you have to do is publish your services through them.

To list all the endpoints in your environment:

mesh endpoints list

Platform aliases are proxied by Cloudflare with the following settings:

  • QUIC: Off
  • HTTP/2: On
  • Zero Round Trip Time(0-RTT) Connection Resumption: On
  • IPv4 to IPv6 Gateway: On
  • gRPC Proxy: Off
  • WebSockets Proxy: On
  • Onion/Tor Routing: Off
  • IP Geolocation(CF-IPCountry header): Off
  • Maximum HTTP Upload Size: 100MB
  • Response Buffering: Off