Domain Setup
Domain Onboarding Flow
Section titled “Domain Onboarding Flow”After creating your organization, WebDecoy guides you through setting up your first custom domain. This three-step process ensures your domain is properly configured with DNS and SSL before you start deploying decoys.
Why Set Up a Domain First?
Section titled “Why Set Up a Domain First?”Custom domains are the foundation of effective deception:
| Benefit | Description |
|---|---|
| Authenticity | Decoys appear as part of your real infrastructure |
| Immediate Protection | Start collecting detections right away |
| SSL Included | Automatic HTTPS via Let’s Encrypt |
Step 1: Enter Your Domain
Section titled “Step 1: Enter Your Domain”The first step is to specify which domain you want to use for your decoys.
What to Enter
Section titled “What to Enter”- Enter a subdomain you control (e.g.,
cdn.yourcompany.com) - The subdomain should look legitimate to attackers
- You’ll need access to your DNS provider to complete setup
Good Domain Name Examples
Section titled “Good Domain Name Examples”| Domain | Why It Works |
|---|---|
cdn.yoursite.com | Looks like a content delivery endpoint |
assets.yoursite.com | Appears to serve static files |
api2.yoursite.com | Suggests a backup API server |
secure.yoursite.com | Implies security-related functionality |
What to Avoid
Section titled “What to Avoid”| Domain | Problem |
|---|---|
honeypot.yoursite.com | Obviously a trap |
decoy.yoursite.com | Reveals intent |
test.yoursite.com | May already be in use |
Skip Option
Section titled “Skip Option”If you’re not ready to set up a domain, you can click “Skip to Dashboard” and configure domains later from Settings → Domains.
Step 2: Configure DNS
Section titled “Step 2: Configure DNS”After entering your domain, WebDecoy displays the DNS record you need to create.
A Record Configuration
Section titled “A Record Configuration”You’ll see instructions like:
| Field | Value |
|---|---|
| Type | A |
| Name | Your subdomain (e.g., cdn) |
| Value | The IP address displayed in WebDecoy |
| TTL | Auto (or 3600) |
Adding the Record
Section titled “Adding the Record”- Log into your DNS provider (Cloudflare, Route53, GoDaddy, etc.)
- Navigate to DNS management for your domain
- Create a new A record with the values shown
- Save your changes
Provider-Specific Examples
Section titled “Provider-Specific Examples”Cloudflare:
Type: AName: cdnIPv4 address: <IP from WebDecoy>Proxy status: DNS only (grey cloud) ← Important!Route53:
Record name: cdn.yoursite.comRecord type: AValue: <IP from WebDecoy>TTL: 300GoDaddy:
Type: AHost: cdnPoints to: <IP from WebDecoy>TTL: 1 HourImportant Notes
Section titled “Important Notes”- Cloudflare users: Disable the proxy (use grey cloud, not orange)
- DNS propagation: Usually takes just a few minutes, but can take up to an hour
- Copy buttons: Click the values in WebDecoy to copy them to your clipboard
Verifying DNS
Section titled “Verifying DNS”Once you’ve added the record:
- Click “Verify DNS” in the onboarding flow
- WebDecoy checks if your A record is correctly configured
- If verification fails, wait a few minutes and try again
Check propagation manually:
dig cdn.yoursite.com AOr use online tools like whatsmydns.net.
Step 3: SSL Certificate
Section titled “Step 3: SSL Certificate”After DNS verification, WebDecoy automatically provisions an SSL certificate from Let’s Encrypt.
What Happens
Section titled “What Happens”- Automatic initiation - SSL provisioning starts immediately after DNS verification
- HTTP-01 challenge - Let’s Encrypt validates domain ownership
- Certificate issued - Usually takes 30-60 seconds
- Domain ready - Your domain is now configured with HTTPS
SSL Status Indicators
Section titled “SSL Status Indicators”| Status | Meaning |
|---|---|
| Spinner | Certificate provisioning in progress |
| Green checkmark | Certificate issued successfully |
| Warning icon | Certificate issuance failed |
If SSL Fails
Section titled “If SSL Fails”If certificate provisioning fails:
- Check error message - The error will indicate what went wrong
- Click “Retry SSL” - Try provisioning again
- Or skip to Dashboard - You can retry from Settings → Domains later
Common issues:
- DNS not fully propagated yet
- Cloudflare proxy is enabled (should be disabled)
- Rate limiting from Let’s Encrypt (wait an hour)
After Domain Setup
Section titled “After Domain Setup”Once your domain shows “Domain Ready!”, you’re all set:
- Click “Go to Dashboard” to continue
- Your domain appears in Settings → Domains
- You can now create decoys using this domain
Next Steps
Section titled “Next Steps”With your domain configured, you’re ready to:
- Create Decoy Links - Build honeypot links on your domain
- Set Up Bot Scanners - Add client-side detection
- View Detections - Monitor incoming threats
Adding More Domains Later
Section titled “Adding More Domains Later”You can add additional domains at any time:
- Go to Settings → Domains in the sidebar
- Click “Add Domain”
- Follow the same DNS verification and SSL setup process
See the Custom Domains guide for detailed domain management instructions.
Troubleshooting
Section titled “Troubleshooting”DNS Verification Fails
Section titled “DNS Verification Fails”| Issue | Solution |
|---|---|
| ”A record not found” | Wait a few minutes for DNS propagation |
| Wrong IP address | Double-check the IP matches what WebDecoy shows |
| Still failing | Check your DNS provider’s dashboard to confirm the record exists |
SSL Certificate Fails
Section titled “SSL Certificate Fails”| Issue | Solution |
|---|---|
| Timeout | Wait a moment and click “Retry SSL” |
| Validation failed | Ensure DNS is pointing correctly, Cloudflare proxy is off |
| Rate limited | Wait an hour before retrying |
Need Help?
Section titled “Need Help?”If you’re stuck during onboarding:
- Click the Support link in the footer
- Email [email protected]
- Check the Troubleshooting guide