How to serve public CDN file securely?

caching
workers

#1

Hi Guys,

I have a free icon font pack ( https://lineicons.com/ ) and I provide free CDN facility to make easier for our users to get started. As I am serving CDN file publicly, I am little bit concerned about security and cost (getting increased day by day).

I would like to know, how I can serve CDN file securely and in cost-effective way (for example: https://cdn.lineicons.com/1.0.1/LineIcons.min.css) using cloudflare workers or other services?

Thanks in advance :slight_smile:


#2

As it’s been almost a day with no reply…why are you interested in using Workers to serve a file?

Right now, your domain goes through Cloudflare, but that subdomain comes from AWS S3. If you set that subdomain to :orange:, it should cache through Cloudflare and save you some money.


#3

Thanks @sdayman for your reply. I am having the same feeling here, I was serving file by following this way before moving to S3/Cloudfront. I think, its time to back to CF :stuck_out_tongue: not interested to spend that much $ to maintain a non-profit product :slight_smile:


#4

I guess what’s the securely question? If it’s a public file, what’s secured?


#5

I am noob on security and DevOps technology, I thought workers may have some built-in functions to serve public CDN file efficiently. As I can see there are few security risks as well while serving public CDN file: https://hacks.mozilla.org/2015/09/subresource-integrity-in-firefox-43/ and this is the main reason of asking :slight_smile:
I hope, it’s much clearer now :blush:
Cheers


#6

Subresource Integrity (SRI) is to prevent file changes in files. You should secure the origin and all connections in between. Use Full (Strict). I don’t think Workers can be helpful for only this reason, if there is some other task you need to do then Workers can help.


#7

:pray: