How to isolate an application from other applications
Application Type
Traditional Web, Reactive

Hello team,

We have 10 applications on our OutSystems platform, each with its own DNS. We are using SEO-friendly URLs and Site Rules to associate the DNS with each application. However, a challenge arises as end users can access different applications by appending the application path to the DNS. For instance, if we have "app1" and "app2," users can access them through the main OutSystems DNS like "outsystemsdev.sample.com/app1" and "outsystemsdev.sample.com/app2." Although we've configured a Site Rule to map "app1" to "app1.sample.com," an issue persists. Users can still access "app2" by typing "app1.sample.com/app2." How can we prevent users from accessing other applications in this scenario, and what are the best practices to address this concern? 


Hi Khalid,

Do you have Cloud or On-Prem factory? How many Production environments do you have?



Hi Nelson, It's on-prem and one production environment (4 Front-end Servers).


So, in that case you can manage which application you want to deploy in each Front-end Server, using the concept of "Deployment Zone".

However, this doesn't avoid the end-user to be able to access all applications within the same FE, so, why do you not configurate your DNS app1.sample.com to point only to, i.e., outsystemsdev.sample.com/app1?

What I understand is that you are managing this access/permissions by using the Service Center instead of restrict the access directly in the DNS?    


Thanks for your reply.

We have the 4 Front-end Servers for high availability reasons only. And regarding dns configuration to point to a specific app, how can we achieve this? Is there any documentation?

Hi Khalid,

Misunderstanding from my part about the dns configuration. DNS is a Domain name to point to a specific server/ip, and not to a path of that server.

So, saying that, you can try to manage this by using Site Rules:

  • Create a Site Rule that points "app1.sample.com/app2" to an OutSystems application with an "Invalid Permissions" screens where you indicate that the users cannot access that app2 application; or
  • Create a Site Rule that points "app1.sample.com/app2" to app1
Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.