Hosting on Netlify while addressing my client's security & convenience concerns

Hello Netlify users!

Disclaimer: I’m a knowledge manager at a strategy consultancy and kind of new & self-taught in regards to web development so please bear with me. Trying to push our web dev strength internally and need to build some small success cases before being able to get actual experts on board :smile: So I’m tapping into the wisdom of the crowd for the time being…

Together with my designer colleague, I have created a pretty neat small prototype website that is using Netlify and some serverless functions to fetch data from the Notion API (Notion happens to be a main tool for us to organize knowledge so it comes in handy, although I’m well aware it wasn’t built to serve as CMS).

I also believe that the entire Jamstack philosophy suits us well because of its security (client sensitive content) and performance (client and internal teams spread out across the globe so CDN feels right).

Now, here is my challenge: some of our clients request any web content to be hosted on their own servers, for both security and convenience reasons. In esp. they do not want any web-content to be password-protected (bc it could leak, and bc inconvenient) – instead host things on their own servers so they gain full control as to who can access it.

So my question is: how would you approach a situation like this? What may be ways to address my client’s concerns while sticking to the Netlify approach?

For example, is there a way for them to use a subdomain they own (ourproject.clientdomain.com) that redirects to a super-encrypted (and never visible) Netlify domain? Would this allow them to gain full control as to who in their organization can access this (w/o need for password)?

Would be super thankful for any advice or ideas!

What a great question, Ben! Really appreciate the amount of thought you put into it.

Certainly there are workflows where you can deploy a codebase on your client’s servers for review/testing and then on Netlify for the go-live, but that kinda robs you of a lot of the benefits of our platform. You can also do the thing I think you are suggesting: having their server fetch contents from us (proxy to us, though this is fraught with peril and does not come with tech support, see [Support Guide] Why not proxy to Netlify? - better would be to proxy from us to their server if they really needed to do this, since that is well supported and we have features like this one (Rewrites and proxies | Netlify Docs) to ensure that the connection is from us, and to exactly them).

Since your client has such a strong opinion which sounds so strongly held, they might not agree, but these are the selling points I’d use to disabuse them of the notion that hosting things themselves is preferable:

  1. Netlify has dedicated staff ensuring support, security, uptime and new features. They’d otherwise have to pay their own staff for these things (potentially, in addition to paying you/Netlify, which doesn’t seem to make sense to me). This is kinda a buy it vs build it debate and if they are in the build it camp…well…nothing we do is impossible to replicate, but replicating all of it would take Some Time and especially a ton of effort to maintain - or you’d be paying someone else like GitHub to do it instead.
  2. Our toolset is designed for collaboration. Want to share a copy of the site for review? That’s already built and secured here: Deploy Previews | Netlify Docs. Want to allow a developer to trigger builds automatically? Or a content author? Or a robot? We’ve already built all that. Want easy and programmable access control with SSO (no passwords; you can sign on with Google to edit in the CMS or even browse content using our Identity feature!)

Now, we can certainly host a site that pulls data from elsewhere, or builds elsewhere and ships us the result, taking part of the load off Netlify. Many customers choose to do that and we are not here to force you to get locked into our stack (we pride ourselves on extending, not “containing” the ecosystem), but it starts to make me wonder what the client would be gaining from using us at that point. Obviously you like the tool, but if they won’t use it, that’s a bit of a moot point. Perhaps you use the tool to build the site and get their reviews, and then hand them the built site to host themselves? Hard to say what might work for your business, but happy to brainstorm more if you like!

Maybe the most coherent statement I can make is that we are not trying to sell web hosting by itself. We are selling a collaboration tool, and our pricing reflects that: bandwidth is not cheap ($55/100Gb). But, alongside a good collaboration tool, automatic CI, authentication and preview services…we think it can be worthwhile :slight_smile:
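
For the option Chris describes above (proxying from Netlify to the client's own server, with a check that the connection really comes from Netlify), this is roughly what the check on the client's server could look like. It is an added example, not part of the original posts and not Netlify's code. It assumes the signature arrives as a compact HS256 JWS in an `x-nf-sign` request header carrying a `site_url` claim (confirm both against the linked Rewrites and proxies docs); the secret, site URL and function names are constructed for illustration.

```javascript
const crypto = require("node:crypto");

const b64url = (data) => Buffer.from(data).toString("base64url");

// Build a compact HS256 JWS. Used here only to construct sample tokens.
function signHs256(payload, secret, header = { alg: "HS256", typ: "JWT" }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  const sig = crypto.createHmac("sha256", secret).update(input).digest();
  return `${input}.${b64url(sig)}`;
}

// Returns the verified claims, or null if the request must be refused.
// `token` is the value of the (assumed) x-nf-sign request header.
function verifyProxySignature(token, secret, expectedSiteUrl) {
  if (typeof token !== "string") return null;
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], "base64url").toString("utf8"));
    claims = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
  } catch {
    return null;
  }
  if (!header || !claims) return null;
  // Pin the algorithm; never let the token pick it ("none", RS256, ...).
  if (header.alg !== "HS256") return null;
  const expected = crypto.createHmac("sha256", secret)
    .update(`${parts[0]}.${parts[1]}`).digest();
  const given = Buffer.from(parts[2], "base64url");
  // Length check first: timingSafeEqual throws on unequal lengths.
  if (given.length !== expected.length) return null;
  if (!crypto.timingSafeEqual(given, expected)) return null;
  // Signature is valid; now confirm it was issued for this exact site.
  if (claims.site_url !== expectedSiteUrl) return null;
  if (typeof claims.exp === "number" && claims.exp * 1000 < Date.now()) return null;
  return claims;
}

// Constructed sample values (not real secrets or sites).
const SECRET = "constructed-shared-secret";
const SITE = "https://ourproject.example.netlify.app";
const sample = signHs256(
  { iss: "netlify", netlify_id: "constructed-id", site_url: SITE, context: "production" },
  SECRET
);
```

The origin refuses any request where `verifyProxySignature` returns `null`, so a visitor who discovers the origin's address cannot bypass the Netlify-side access control by calling it directly.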

Thank you Chris for this amazing answer! I think we’ll need to explore Netlify’s identity and access control features a bit more. A clarification question about using identity providers like Google accounts: seems like I can choose between “everyone can log in” and “only by invitation”. But is there also a way to just allow everyone from company X to log in with their Google Account? So user experience would be (assuming a company that uses Google accounts):

  • client user visits page, gets prompted to log in using their Google Account
  • logs in with their Google details, no further verification needed (except perhaps Google’s 2 step verification)
  • user gets in if their account is an @companyname.com account
  • otherwise rejected