Setup CDN and WAF

April 25, 2024

Introduction

We are thrilled to assist you in configuring your Content Delivery Network (CDN) and/or Web Application Firewall (WAF), depending on your contract. Before beginning the CDN/WAF setup, there is a prerequisite that involves using a dedicated URL for the Jahia contribution interface.

Prerequisite

To ensure a smooth setup, please complete the following prerequisite:

  1. Dedicated Domains: Use dedicated domains for the Jahia contribution interface. Suggested domains include:
    • Contribution Interface: edit.mydomain.com (Accessing the edition/contribution interface is not supported trough the CDN/WAF. Note that it can also be your technical domain) 
    • Public Interface: mydomain.com

Let us know once you have completed this step so that we can proceed to the next phase.

Information Request

Before initiating the setup, we kindly request the following information for each domain you wish to configure:

  1. Domain Name: [e.g., edit.mydomain.com]
  2. SSL Certificate: Provide the SSL certificate for the domain in PEM format, including wildcard or multi-domain certificates if applicable. Additionally, include the certificate chain.

Once we receive this information, our team will start the setup process and ensure the seamless operation of your CDN and WAF.

CDN/WAF Setup Process

The Jahia Cloud Team will handle the setup process, including the creation of the CDN/WAF distribution. This will result in the generation of a dedicated CloudFront URL that redirects to your Jahia Cloud environment. The team will upload the SSL certificate and provide you with the CloudFront URL. The URL provided will look like https://xxxxxxxxxx.cloudfront.net

Testing & Validation 

You simply need to add entries in your host file pointing to xxxxxxxxxx.cloudfront.net (the production CDN endpoint) for mydomain.com. Then, you be able to see hits and misses from CloudFront in the headers when you access the site. Make sure to test all site features.

DNS Configuration

To complete the setup, you need to create a CNAME in your DNS configuration to redirect mydomain.com to the CloudFront URL xxxxxxxxxx.cloudfront.net. However, note that the contribution domain (edit.mydomain.com) should point directly to the Jahia environment.

Caching Configuration 

We are caching the following types of assets for a one hour duration. 

  • AVI files (*.avi)
  • BMP images (*.bmp)
  • CSS files (*.css)
  • GIF images (*.gif)
  • ICO files (*.ico)
  • JPG images (*.jpg)
  • JPEG images (*.jpeg)
  • JavaScript files (*.js)
  • MKV files (*.mkv)
  • MP3 audio files (*.mp3)
  • MP4 video files (*.mp4)
  • OGG audio files (*.ogg)
  • PDF documents (*.pdf)
  • PNG images (*.png)
  • SVG images (*.svg)
  • Compressed SVG files (SVGZ) (*.svgz)
  • WEBM video files (*.webm)
  • WEBP images (*.webp)
  • WOFF font files (*.woff)
  • WOFF2 font files (*.woff2)
  • XML files (*.xml)