Is it possible to use CloudFlare with Fastly CDN


#1

Hello,

Is it possible to use CloudFlare alongside Fastly (a CDN)

We want to do something like this:

https://differentdomain.com/specialfolder/

serves up content from:

https://subdomain.usualsite.com

We have subdomain.usualsite.com registered and set up beautifully with CloudFlare, and all working well, SSL loading, returning a 200 header etc.

However, when routing the traffic to and from https://differentdomain.com/specialfolder/ what gets returned is a 403 from CloudFlare

Is there something special we need to turn on or off or configure? Thanks!


#2

That won’t work without a bit of configuration. You need to allow that host to access the site on the server. It shouldn’t be related to Cloudflare. It would work this way even if Cloudflare wasn’t there.


#3

Thanks for your reply Matteo! We can offer them an IP address to connect direct to the server instead (bypassing CloudFlare) but just not sure if that’s the best route to go, we’d like to route through CloudFlare if possible.


#4

I have never tried a CNAME to a Cloudflare enabled host, but in theory it should work just the same as anything else. Probably @cscharff is the best person to ask. The thing is that the server needs to allow requests as that origin and reply accordingly.


#5

I mean technically Cloudflare is a CDN as well, there really isn’t a need for two in most instances… But I get it, I have customers with existing infrastructure, contracts, political issues so it’s not an unheard of configuration to use another CDN behind Cloudflare. Yes, it’s possible.

Ok, so usualsite.com is using Cloudflare. And it works. Because of the sample domains names I’m a bit unclear. Is different domain.com using Cloudflare? Is it on Fastly? Do you own/control both usualsite.com and differentdomain.com?

For the moment I am going to assume that you manage both domains and differentdomain.com is on Fastly based on the question. In Fastly are you overwriting the host header to subdomain.usalsite.com? If you do a curl direct to Cloudflare in this instance bypassing Cloudflare, does it return an error?

curl -Ikv -H “Host: subdomain.usualsite.com” https://differentdomain.com/specialfolder/ --resolve differentdomain.com:443:your.cloudflare.ip.for.subdomain.usualsite.com

(Might double-check the -H syntax, but pretty sure the rest is correct).


#6

Hi again,
that’s perfect thank you for the information…

Actually the client has access to the fastly configuration and their domain, I have no access at all. But good news is: they managed to get it all working with no changes at all on CloudFlare configuration. I’m not sure exactly what they did… but yes it works :slight_smile:

Massive thanks again… I didn’t know if this would ever work!