Skip to content

Can I use a proxy on top of my Vercel Deployment?

It is possible to use an external proxy to route requests to a Vercel Deployment. This article describes possible alternatives, downsides you need to be aware of, and general configuration.

With Cloudflare Proxy

While introducing some latency to each request, the Cloudflare Proxy is one of the best strategies for using a proxy in front of a Vercel Deployment. You can check the article "How do I use a Cloudflare domain with Vercel?" for further information about similar configuration.

Other Solutions

The main problem teams with proxy setups encounter when using them with Vercel is the difficulty in managing those external resources. If you decide to deploy your own proxy solution, it is critical that you are aware of the following details:

Global Distribution

Vercel implements multiple technologies as part of our Edge Network to guarantee the performance and reachability of all hosted apps. It is important to understand that using your own proxy will affect the performance of your Deployment by introducing additional latency, especially if your proxy is not globally available.

Vercel also ensures that when global Internet infrastrucure problems occur, for example, a fiber cable is cut, we can deploy mitigation strategies automatically. An example is traffic re-routing: If a region is experiencing problems, we can redirect traffic to another location without action needed from your team.

Reliability

Using your own proxy can decrease the level of reliability since you are introducing a piece of infrastructure that Vercel does not manage. If a problem happens in your proxy that causes downtime, Vercel cannot deploy any mitigations and intervention by your team may be required.

Cache Behavior

When you make a new Deployment to Vercel, the platform will purge the existing cache in all our regions automatically. You need to ensure your proxy is also respecting this behavior. Otherwise, your users may experience stale content, which can cause bugs.

Web Application Firewall and DoS Protection

Vercel offers to all our customers a basic level of protection. If we detect an anomaly in requests coming from a single source, the IP can get banned for a period of time ranging from a few minutes to days. While we do have rules for common proxy solutions, like Cloudflare, building your own can make the production traffic of your application susceptible to downtime if the Vercel WAF (Web application firewall) marks the traffic as abuse.

For Enterprise customers, we can define special rules and work with your team to draw the best strategy possible and avoid any issues (contact sales).

Other Platform Features

We have many features that depend on the correct DNS configuration and connection between Vercel and your domain. Automatic certificates is one of them. If Vercel is not serving the content of your Deployment to your users directly, you need to configure your server to issue certificates. Other examples of features that can misbehave if the proxy is not configured correctly are compression and headers.

Conclusion

Using a proxy on top of Vercel can be a constraint for your organization. If you need to implement this strategy, it is recommended that you use solutions that can mitigate possible negative effects as much as possible. Using a Cloudflare proxy, while not ideal due to a slight hit in performance, is generally more advantageous than rolling your own solution or server.

Couldn't find the guide you need?