Domain Masking

One Magento, many identities. Localized experiences and storefronts without backend complexity.

Domain masking lets you serve the same Magento installation under multiple hostnames — each appearing as a fully independent, self-contained website. The visitors on shop-de.example.com see URLs, links, cookies, and redirects that are entirely consistent with that domain. They have no idea (and no reason to care) that the same Magento backend powers shop-us.example.com and shop-jp.example.com.

#Use cases

International expansion — one Magento, one country domain per market, each with its own store view, currency, and language. No backend duplication.
Multi-brand retail — a holding company with three brands served from one Magento installation, each with a different domain and appearance.
B2B/B2C split — wholesale.example.com showing a different price tier and catalogue than shop.example.com.
White-labelling — you build and operate Magento; your clients get their own branded domain.
Staging mirrors — staging.example.com mirrors production using the same Magento backend but a different base URL for safe testing.

#How link rewriting works

Without domain masking, Magento generates absolute URLs based on its configured web/unsecure/base_url. If that is https://origin.example.com/, every link, image URL, and form action in the HTML references origin.example.com. A visitor arriving via shop.example.com would immediately be redirected to (or see links to) the origin domain.

Accelerate Guru intercepts the response before it is sent to the browser and rewrites every occurrence of origin.example.com to shop.example.com across:

Content type	Example rewritten
HTML	`<a href="https://origin.example.com/product.html">`
CSS	`background-image: url('https://origin.example.com/media/bg.jpg')`
XML (sitemaps, RSS)	`<loc>https://origin.example.com/catalog/</loc>`
JSON (API responses)	`{"url": "https://origin.example.com/rest/..."}`
JavaScript	`var baseUrl = 'https://origin.example.com/'`
`Set-Cookie` header	`Domain=.origin.example.com` → `Domain=.shop.example.com`
`Location` header	`Location: https://origin.example.com/checkout/`
`Link` preload header	`Link: <https://origin.example.com/static/...>; rel=preload`
Content-Security-Policy	Adds `shop.example.com` to all `*-src` directives

The rewriting is done in a single streaming pass over the response body — it adds negligible latency.

#Configuration

#Step 1: Main config

In your main magento_ultra.ini, ensure domain masking is enabled (it is by default):

[domain_masking]
enabled = true

#Step 2: Per-domain overlay files

Create one file per masked hostname in the domain_masking/ directory:

/etc/accelerate-guru/
├── magento_ultra.ini          ← main config
└── domain_masking/
    ├── shop-us.example.com.ini
    ├── shop-de.example.com.ini
    └── shop-jp.example.com.ini

Each file uses INI syntax and can override any section from the main config except [license].

#Step 3: Minimal overlay example

; /etc/accelerate-guru/domain_masking/shop-de.example.com.ini

[domain_masking]
public_host  = shop-de.example.com
origin_host  = origin.example.com

; These Magento URL parameters will be appended to all requests
; from this domain, selecting the German store view
aliases      = origin.example.com=shop-de.example.com

#Step 4: Advanced — store view selection

If your Magento uses store codes in URLs, or if you want to set a specific store view for each masked domain, add the store query parameter in a per-domain cache vary configuration or set a cookie via a text-replace rule. The recommended approach is to configure Magento's MAGE_RUN_CODE and MAGE_RUN_TYPE environment variables per vhost and then point each vhost to the same Magento installation.

#Full worked example: three country stores

Suppose you have:

Magento running at http://127.0.0.1:8080
Magento base URL configured as https://magento.internal/
Three public domains: shop-us.com, shop-de.com, shop-jp.com

#Main config

[server]
upstream_addr = 127.0.0.1
upstream_port = 8080

[domain_masking]
enabled = true

#`domain_masking/shop-us.com.ini`

[domain_masking]
public_host = shop-us.com
origin_host = magento.internal

[optimization_images]
; US visitors tend to be on faster connections — we can afford slightly
; higher quality AVIF
avif_quality = 70

#`domain_masking/shop-de.com.ini`

[domain_masking]
public_host = shop-de.com
origin_host = magento.internal

#`domain_masking/shop-jp.com.ini`

[domain_masking]
public_host = shop-jp.com
origin_host = magento.internal

[optimization_images]
; Serve slightly more aggressive compression for Japan (excellent mobile networks
; but high volume / many product images per page)
avif_quality = 55

With this configuration, a request to https://shop-de.com/catalog/product/view/id/123 is:

Received by Accelerate Guru.
Forwarded to http://127.0.0.1:8080/catalog/product/view/id/123 with the Host: magento.internal header.
Magento responds with HTML containing https://magento.internal/ in every URL.
Accelerate Guru rewrites all magento.internal → shop-de.com references.
The response is cached under a key specific to shop-de.com.
The browser receives a response that is 100% self-consistent with the shop-de.com domain.

#Per-domain configuration overrides

Any [section] from the main config can be overridden in a per-domain overlay file. This is useful for:

Different AVIF quality per market (shown above)
Different cache TTL — a "flash sale" domain with shorter TTL
Different security rules — stricter WAF on the public site, relaxed on a trade/wholesale portal
Different service worker behaviour — disabled on a domain with complex checkout flows
Different compression settings

The one exception: [license] is always read from the main magento_ultra.ini and cannot be overridden per domain.

#SSL certificates for masked domains

When ssl_mode = self_signed (the default), Accelerate Guru auto-generates a certificate that covers all hostnames it serves requests for, including masked domains. No extra configuration is needed.

When ssl_mode = acme (Let's Encrypt), each new domain is automatically provisioned with a certificate via the ACME HTTP-01 challenge. Ensure your DNS points all masked domains at the Accelerate Guru server before enabling ACME mode.

When ssl_mode = manual, provide a wildcard certificate or a multi-SAN certificate that covers all masked domains:

[tls_ssl]
ssl_mode = manual
ssl_cert = /etc/ssl/certs/all-domains-combined.pem
ssl_key  = /etc/ssl/private/all-domains.key

#Troubleshooting

#Links still show the origin domain

Check that origin_host in the overlay file matches exactly the hostname that appears in the HTML (case-sensitive, no trailing slash, no www. prefix unless the Magento base URL includes it).

#Cookies not working across store views

Ensure rewrite_set_cookie = true in the main config (it is true by default). If Magento sets cookies with Domain=.origin.example.com, Accelerate Guru rewrites them to Domain=.shop.example.com.

#CSP violations in browser console

If you see Content-Security-Policy errors, ensure rewrite_csp = true. Accelerate Guru will add the public host to all CSP directives that reference the origin host.

#Cached pages from one domain served to another

This cannot happen — the scheme and full hostname are part of the cache key. A cached page for shop-de.com is never served to a visitor on shop-us.com.