- We strongly recommend an origin pull configuration, so you do not need to explicitly push content to a CDN
- The CDN should normally respect the origin cache headers.
- The CDN may need to forward query strings, depending on the server. The standard Pugpig Drupal plugin does NOT require it. The standard WordPress plugin does.
- The CDN should allow and cache HEAD and OPTIONS requests
- The CDN should never touch any security calls, or receipt validators, although the cache header responses from these should ensure this
For unprotected/free content, we recommend serving all of the feeds and content from the CDN.
For protected content, there are three options
- Serve everything from the CDN with edge security checks
- Serve everything from the CDN without any edge security checks, trading security for simplicity and robustness - this option hackable if anyone wants to run a proxy
- Serve static assets from the CDN and high value content from origin