How to mask Service Portal URL?

yltsai
Mega Guru

‎03-04-2018 08:35 AM

All Service Portal homepage have <instance_address>/xxxxx?xxxxxxxx as URL. My employer is concerned the security even it is for internal users. The leadership wants to make the internal service portal URL to look like https://<company_name> Service Portal. How can I achieve the request? What are the procedures?

Thank you,

0 Helpfuls
  • 3,048 Views
7 REPLIES 7

xostmoen
Tera Guru

‎03-04-2018 09:07 AM

Hi yltsai,

This is something you need to do outside of ServiceNow. Easiest is probably to contact the people which does your domain DNS. They can setup a redirect from a subdomain. So if you go to, for example, https://sp.<company_name>.com it redirects automatically to the Service Portal URL.

As an example you can have a look at how the vendor namecheap does this:

https://www.namecheap.com/support/knowledgebase/article.aspx/385/2237/how-do-i-set-up-a-url-redirect...

Please mark my response as helpful or correct if it was accordingly. Thank you! 

Goran WitchDoc
ServiceNow Employee
ServiceNow Employee
In response to xostmoen

‎03-04-2018 01:31 PM

Remember that you need to have a reverse proxy. Otherwise you users can fill in sp.companyname.com and it will redirect to your portal, but at the same moment the browser will change the url to service-now.com/xxxx as well, so then the use will see "the real" url.. and guessing right, this is the one that will be bookmarked then as well.

To solve this you need to have a reverse proxy and sadly ServiceNow doesn't have that functionality like many other cloud companies has. So you need to have one by yourself. Negative part here is that it will be a SPOF since all traffic will be relayed through the proxy and if it goes done, your portal wont be reachable.

 

//Göran

Goran WitchDoc
ServiceNow Employee
ServiceNow Employee
In response to xostmoen

‎03-04-2018 01:33 PM

Ohh and btw. the redirect can't be done in the DNS, it has to be done in a proxy as well. since the DNS needs a IP-adress to point to the DNS name to and your instance doesn't have a unique IP-adress.

xostmoen
Tera Guru
In response to Goran WitchDoc

‎03-04-2018 11:17 PM

Thanks for the input Göran,

I think you can achieve URL masking by using cloaked forwarding with your DNS provider. Not to say its the best solution. 

Maybe yltsai can elaborate why he want to mask the URL to make it more secure in the first place?

URL Masking is not always seen as a positive thing. 

0 Helpfuls