Aws S3 with https: integration with cloudflare


#1

Hello …

I am using cloudflare mainly for image optimizations of my website. All of the images are stored in AWS S3. Also we should the traffic via https as well. If we use https option of Amzon cloudfront for my website, can i get benefit of cloudflare image optimizations. My understanding is that cloudflare will do image optimization only if the images are in origin servers only.

thanks,

Regards,
Navas


#2

Can you clarify a little? You use AWS just to serve your images but have your site on a different origin? And it’s all behind Cloudfront.


#3

I have a photoblog set up like this. It’s actually a static site served entirely via S3 buckets but that part isn’t really relevant.

Basically I have my images in an S3 bucket named img.domain.com with CloudFront set up with that bucket as its origin. In the CloudFront distribution settings I added the CNAME img.domain.com. Once the CloudFront distribution is live it will have a domain name like somestring.cloudfront.net, which you can then add to the Cloudflare DNS tab as a CNAME record img.

This is how I have it set up - not sure if it’s the best approach.

Are you asking about Polish specifically? Because that I’m not sure about…

From the Polish announcement blogpost:

When an image is fetched from your origin our systems automatically optimize it in our cache.

Leads me to believe that it will work regardless of where your images are coming from, but someone else will have to verify that :sunglasses:


#4

Hello Ryan …

Setup is like website is working in one origin server but all the images are stored in AWS S3.
Another concern is with AWS S3 it’s difficult provide https. So using cloudfront to get https URL for all the images.

So images are with cloudfront with AWS S3 origin, website is another web server as the origin.

But with cloudflare apart from the security I want to use polish image optimization …

I hope it’s clear now …

thanks,

REgards,
Navas


#5

Hi.

Is this the path your images are taking (or that you would like them to take)?

S3 bucket --> CloudFront --> Webserver --> Cloudflare --> User

If so, maintaining HTTPS for the entire chain might be possible based on these articles (I haven’t tested it myself yet)

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https.html

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-cloudfront-to-s3-origin.html

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html

Sorry, I still don’t know about Polish…


#6

Thanks Andy …

Exactly this is the path … S3 bucket --> CloudFront --> Webserver --> Cloudflare --> User

Still my concern is how much it’s benefited with cloudflare polish for image optimizations …

Br
Navas


#7

I have wondered that myself for my photoblog… From what I’ve gleaned you can go lossless (strip only metadata) or lossy (some compression), and also enable WebP conversion for supported browsers, as outlined in this article

I’m hoping that someone who has actually used Polish will chime in here with their experiences/thoughts.


#8

It’s ok … but the thing is I will be pushing https cloudfront URLs of stored images with my web pages …

it means how much is it worakable cloudfront https URL >>>> Cloudflare Polish …?


#9

I don’t have a test environment set up for this right now unfortunately. For my photo site I use Flexible SSL and have ‘Always use HTTPS’ and ‘Automatic HTTPS Rewrites’ enabled.

In your CloudFront distribution > Behaviors tab, you can edit the Cache Behavior ‘Viewer Protocol Policy’ to be HTTPS only (or redirect HTTP to HTTPS). If you use the provided CloudFront domain, like https://d2nofq8rv63b0s.cloudfront.net/IMG_2550.jpg, CloudFront provides the cert. If you use a custom domain like I do for production, you’d need to use the AWS cert or import your own…