Disable App Platform’s Cloudflare CDN and use your own CDN
Vasilis "Tzikis" Georgitzikis
bill I just found this ticket, maybe we should upvote that one: https://ideas.digitalocean.com/app-platform/p/option-to-modify-cloudflare-settings-or-completely-disable-cloudflare
Vasilis "Tzikis" Georgitzikis
I was just trying to figure out how to do that yesterday, and decided to make a request about it, so interesting that more people are asking for it but it makes total sense.
For what it's worth, the reasons why I need this are many:
1. App Platform's Cloudflare CDN doesn't honor the Cache-Control header's stale-while-revalidate value, even though the standard is 14 years old. We need this because we have a slow API endpoint and we want the CDN to serve the last value while waiting for the new one.
2. App Platform's Cloudflare CDN doesn't honor the Vary header. We need this because Django replies with an HTML or JSON response based on the headers used, and Cloudflare caches the first response regardless of the headers used. That means that, if the first request is for the HTML version, every subsequent request gets the HTML version, even if it's an AJAX REST API request for the JSON version, which completely breaks functionality for our website until the cache is invalidated.
3. On our dev machines, we are whitelisting our IPs through env vars, in order to access the debug console. I'm sure there are other uses for that as well. Since the App Platform goes through Cloudflare's CDN:
   a. We need to whitelist a bunch of different Cloudflare IPs in order for this to work, depending on the proxies we end up going through.
   b. That means that we're also whitelisting every other user who goes through that same Cloudflare proxy.
4. Cloudflare adds its own cookie.
5. Related to 1, 2 & 4, we will probably end up using our own CDN, and we've tested Fastly. We had to go through some hoops to make it work because of #4, but it seems to work. So we still have the same overhead that the OP mentioned. Even so, #3 is still a problem for us, and #2 is still a problem if someone (even just a web spider) somehow calls the publicly available API with the HTML version, directly on DO/Cloudflare's URL.
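
The Vary behaviour described in the second point above, as an added example that is not part of the original comment or of any DigitalOcean or Cloudflare code: a small model of a shared cache in front of an origin that content-negotiates on `Accept`, plus a probe that reports whether a JSON client is served the cached HTML variant. The names `origin`, `SharedCache`, `serves_wrong_variant` and the path `/items` are assumptions made for the illustration.

```python
# Constructed model: an origin that content-negotiates on Accept, behind a shared cache.

def origin(path, headers):
    """Stand-in for the Django view: JSON for API clients, HTML otherwise."""
    if "application/json" in headers.get("Accept", ""):
        ctype, body = "application/json", '{"items": []}'
    else:
        ctype, body = "text/html", "<html>items</html>"
    return {"Content-Type": ctype, "Vary": "Accept", "body": body}


class SharedCache:
    """Minimal shared cache; honor_vary=False reproduces the behaviour described above."""

    def __init__(self, origin, honor_vary):
        self.origin, self.honor_vary = origin, honor_vary
        self.store = {}     # cache key -> stored response
        self.vary_for = {}  # path -> request header names listed in the origin's Vary

    def _key(self, path, headers):
        if not self.honor_vary:
            return (path,)  # URL-only key: every variant collides
        names = self.vary_for.get(path, [])
        return (path,) + tuple((n, headers.get(n, "")) for n in names)

    def fetch(self, path, headers):
        key = self._key(path, headers)
        if key in self.store:
            return self.store[key]
        resp = self.origin(path, headers)
        self.vary_for[path] = [h.strip() for h in resp["Vary"].split(",") if h.strip()]
        self.store[self._key(path, headers)] = resp  # re-key now that Vary is known
        return resp


def serves_wrong_variant(fetch, path):
    """Probe: warm the cache with HTML, then ask for JSON; True if the JSON client gets non-JSON."""
    fetch(path, {"Accept": "text/html"})
    reply = fetch(path, {"Accept": "application/json"})
    return reply["Content-Type"] != "application/json"


if __name__ == "__main__":
    for honor in (False, True):
        cache = SharedCache(origin, honor_vary=honor)
        print(f"honor_vary={honor}: wrong variant served = {serves_wrong_variant(cache.fetch, '/items')}")
```

The probe takes any `fetch(path, headers)` callable, so the same check can be wrapped around a real HTTP client pointed at a test endpoint.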