Background

We're running a project for someone that wants a "white-label" solution (they want to have a subdomain of their site that shows certain pages of our site, styled to look like theirs). The main reason we're leaning towards this route is so their users feel like they haven't left the original site (or that they are related) and the client is insistent.

Plan

Point a subdomain at our server, but only allow it to access the pages relevant to this project (or else our regular site pages will confuse people). Our frontend stack is just a small Nginx server with a single page app inside. We don't have any navigation from this area of the site to the other areas, but if the path's aren't blocked, people could still get there. The pages we want accessible are:

• example.example.com/profiles/*
  • profiles being the new area of the site that's under development

// where example.example.com is just an alias for other.com

Questions

1. What is the most reliable way to determine whether the requestor is using the subdomain or our main domain?
2. Can we then give a 404 to requests that are outside the /profiles/* pages?
3. Is it better to do this using the server config (Nginx) or the routing interceptor (AngularJS)?

Assuming your client has the example.com domain and you have the example.org domain, adding this configuration on your client's server should do the trick

server {
    listen 80;
    server_name sub.example.com;

    location /profiles/ {
        # proxy pass all requests to example.org/relevant/profiles/folder
        proxy_pass http://example.org/relevant/profiles/folder/;
        proxy_redirect default;
    }
    location / {
        # Return 404 for all other requests to sub.example.com
        return 404;
    }
}