diff --git a/src/default.main b/src/default.main
index c203206..cf40383 100644
--- a/src/default.main
+++ b/src/default.main
@@ -1,4 +1,5 @@
 env JASIMA_MATOMO_HOST;
 env JASIMA_PROXY_HOST;
+env JASIMA_DEFAULT_ZONE;
 
 worker_processes auto;
\ No newline at end of file
diff --git a/src/lua/access.lua b/src/lua/access.lua
index b304e67..7eee0f9 100644
--- a/src/lua/access.lua
+++ b/src/lua/access.lua
@@ -3,15 +3,17 @@ local geo = require "geo"
 local psl = require "psl"
 local utils = require "utils"
 
-local jasima_host = config.get_jasima_host()
-ngx.ctx.jasima_host = jasima_host
-if not jasima_host then
-    ngx.log(ngx.DEBUG, "no host specified via header or cookie")
+local headers = ngx.req.get_headers()
+
+local jasima_key = config.get_jasima_key()
+ngx.ctx.jasima_key = jasima_key
+if not jasima_key then
+    ngx.log(ngx.DEBUG, "no key specified via header or cookie")
     return ngx.exit(400)
 end
 
 local err
-ngx.ctx.jasima_config, err = config.load_config(jasima_host)
+ngx.ctx.jasima_config, err = config.load_config(jasima_key)
 if err then
     ngx.status = 500
     ngx.log(ngx.ERR, "could not load config: " .. err)
@@ -24,13 +26,19 @@ if not ngx.ctx.jasima_config then
     ngx.exit(403)
 end
 
+if not ngx.ctx.jasima_config.host_canonical then
+    ngx.log(ngx.DEBUG, "no origin host specified in config")
+    return ngx.exit(400)
+end
+ngx.ctx.jasima_host = ngx.ctx.jasima_config.host_canonical
+
 local country = geo.viewer_country()
 if not ngx.ctx.jasima_config.geo_redirect_disable then
-    ngx.log(ngx.DEBUG, "geo_redirect_disable not configured for site " .. jasima_host)
+    ngx.log(ngx.DEBUG, "geo_redirect_disable not configured for site " .. ngx.ctx.jasima_host)
     if not geo.needs_mirror(country) then
-        ngx.log(ngx.DEBUG, "mirror is not needed for viewer in " .. country .. " for " .. jasima_host .. ", redirecting")
+        ngx.log(ngx.DEBUG, "mirror is not needed for viewer in " .. country .. " for " .. ngx.ctx.jasima_host .. ", redirecting")
         local request_uri = ngx.var.request_uri
-        local new_url = "https://" .. jasima_host .. request_uri
+        local new_url = "https://" .. ngx.ctx.jasima_host .. request_uri
         return ngx.redirect(new_url, ngx.HTTP_MOVED_TEMPORARILY)
     end
 end
@@ -44,8 +52,6 @@ if err then
     return ngx.exit(500)
 end
 
-local headers = ngx.req.get_headers()
-
 -- Remove the headers that should not be proxied to the origin
 for k, v in pairs(headers) do
   if k:lower():match("^jasima%-") then
@@ -60,9 +66,9 @@ if ngx.ctx.jasima_config.headers then
     end
 end
 
-local host_connect = ngx.ctx.jasima_config.host_connect or jasima_host
-local host_header = ngx.ctx.jasima_config.host_header or jasima_host
-local host_ssl = ngx.ctx.jasima_config.host_ssl or jasima_host
+local host_connect = ngx.ctx.jasima_config.host_connect or ngx.ctx.jasima_host
+local host_header = ngx.ctx.jasima_config.host_header or ngx.ctx.jasima_host
+local host_ssl = ngx.ctx.jasima_config.host_ssl or ngx.ctx.jasima_host
 
 -- Handle first party Tealium installations
 if ngx.ctx.jasima_config.first_party_tealium then
@@ -105,7 +111,7 @@ if #ngx.ctx.upstream_ips == 0 then
 end
 
 -- Set the nginx host variables
-ngx.var.jasima_host = jasima_host
+ngx.var.jasima_host = ngx.ctx.jasima_host
 ngx.var.jasima_host_connect = host_connect
 ngx.var.jasima_host_header = host_header
 ngx.var.jasima_host_ssl = host_ssl
diff --git a/src/lua/config.lua b/src/lua/config.lua
index 9421484..fded9fd 100644
--- a/src/lua/config.lua
+++ b/src/lua/config.lua
@@ -4,10 +4,18 @@ local redis = require "resty.redis"
 
 local _M = {}
 
-function _M.get_jasima_host()
+function _M.get_jasima_key()
     local headers = ngx.req.get_headers()
-    if headers["Jasima-Host"] then
-        return headers["Jasima-Host"]
+    if headers["Jasima-Key"] then
+        return headers["Jasima-Key"]
+    end
+
+    if headers["Host"] then
+        local host = headers["Host"]
+        local default_zone = os.getenv("JASIMA_DEFAULT_ZONE")
+        if string.sub(host, -string.len(default_zone)) == default_zone then
+            return string.sub(host, 1, string.len(host) - string.len(default_zone) - 1)
+        end
     end
 
     local cookie, err = ck:new()
@@ -16,11 +24,9 @@ function _M.get_jasima_host()
         return nil
     end
 
-    local jasima_cookie, err = cookie:get("jasima_host")
+    local jasima_cookie, err = cookie:get("jasima_key")
     if jasima_cookie then
         return jasima_cookie
-    elseif err then
-        ngx.log(ngx.ERR, "failed to get jasima_host cookie: ", err)
     end
 
     return nil
@@ -71,9 +77,9 @@ function _M.load_pool_mapping(pool_name)
     return cjson.decode(res)
 end
 
-function _M.load_config(jasima_host)
+function _M.load_config(jasima_key)
     local cache = ngx.shared.jasima_cache
-    local cache_key = "config:" .. jasima_host
+    local cache_key = "config:" .. jasima_key
     local cached = cache:get(cache_key)
     if cached then return cjson.decode(cached) end
 
@@ -82,7 +88,7 @@ function _M.load_config(jasima_host)
     local ok, err = red:connect("redis", 6379)
     if not ok then return nil, "Redis connect failed: " .. err end
 
-    local key = "jasima:config:" .. jasima_host
+    local key = "jasima:config:" .. jasima_key
     local res, err = red:get(key)
     if not res or res == ngx.null then return nil, "No config in Redis" end