Using Platform CDN, you can deliver accelerated digital experiences to global audiences by caching pages and static assets, including JavaScript, CSS, and images, at over 65 points of presence (POPs) around the world. Visitors accessing your website load the static assets from the POP closest to their location, which decreases the time required to load a page and increases conversions.
Based on years of experience accelerating Drupal applications through Varnish®, Acquia has configured Platform CDN to optimize the delivery of digital experiences.
Before you enable and provision Platform CDN
Prerequisites
- Ensure that the Platform CDN entitlement is added to your Acquia subscription.
- Have at least one custom domain, preferably with a valid SSL/TLS root certificate.
- Get an understanding of your site’s caching strategy.
Incompatible features
- First Click Free
- Passing Acquia-provided cookies
- Redirects based on the request user-agent header
- GeoIP
- HTTP Basic Authentication
HIPAA and PCI sensitive objects
By default, HIPAA and PCI compliance are always on for all cached objects with Platform CDN. It is up to your team to configure objects that do not require this compliance.
If your objects are not HIPAA or PCI compliant and you want the cache lifetime longer than 24 hours, you must add the header X-Acquia-CDN-HP-Off. This indicates that the object is not compliant and can be stored in cache or on disk at the CDN. HIPAA and PCI sensitive objects are not stored on disk at the CDN by default.
For more information on HIPAA and PCI compliance on Cloud Platform, see Compliance with standards and regulations.
Provisioning Platform CDN
- Log in to the Cloud Platform.
- Select your application.
Select an environment.
- In the left navigation pane, click Domain Management.
On the right, click the CDN tab.
Click Provision to provision a CDN for your environment. Acquia provisions all of the custom domains in your environment on CDN. Acquia only provisions Platform CDN for custom domains. Acquia default domains does not function on CDN. For any non-conforming domain patterns, the system displays N/A.
Note
It takes some time for provisioning to complete. It may take 10+ minutes for every Point of Presence (POP) in CDN network to update for all your domains and SSL/TLS certificates.
Once provisioning is complete, the page displays two sections: your DNS information and the status of CDN provisioning for each domain.
You can see a green check mark next to the word Active. If you see an Install-Failed alert icon, see the list of possible errors before contacting Acquia Support.
- To begin directing visitor traffic through Platform CDN, change the authoritative DNS for your domain to point to the following endpoints:
- For domains that support CNAME records, configure them to point to
dualstack.acquia.map.fastly.net. The dualstack prefix in the endpoint ensures that it is IPv6 compatible without the need for a separate AAAA record. - For other domains that cannot use a CNAME record, configure at least two A records pointing to
151.101.1.193,151.101.65.193,151.101.129.193, or151.101.193.193.
- For domains that support CNAME records, configure them to point to
Testing Platform CDN
To test Platform CD, use one of the following methods:
- To test through the
/etc/hostsfile method:Edit your
/etc/hostsfile to add a line based on the following format by using the IP address and your domain name:151.101.1.193 test.example.comFor information about how to edit your
/etc/hostsfile, see Using a hosts file for custom domains during development.- Enter the domain name in your browser and examine the page response headers.
To test through the
curlcommand method, run the following command by using the IP address and your domain name:curl -Is -X GET https://www.example.com --resolve www.example.com:443:151.101.1.193
Disabling Platform CDN
To disable Platform CDN:
- After DNS is updated, log in to Cloud Platform.
- In the left-hand navigation bar, click Domain Management.
- On the right, click CDN.
- To disable CDN for the entire environment, click Disable CDN.
Disabling Platform CDN for a single or select group of domains
To disable Platform CDN for a single or select group of custom domains, visit your DNS provider and point DNS for the chosen domain(s) to your Acquia load balancer EIP. This information is available in the Regional Origin sub-section of DNS information.
SSL certificates and Platform CDN
Cloud Platform supports SSL certificates on both Platform CDN and Cloud Platform balancers, enabling you to deliver fully secure experiences for your visitors. Cloud Platform automatically copies certificates to Platform CDN as part of the provisioning process. Ensure that your certificate is uploaded to Cloud Platform. Any certificates uploaded after the initial provisioning of Platform CDN are also automatically uploaded to Platform CDN.
Understanding cache invalidation
Cache invalidation is a method of displaying new content to connected clients. During invalidation, objects are marked as outdated, and the next time a client requests these objects, the client is delivered a new version. Acquia offers two approaches to cache invalidation on its Varnish-based load balancers and Platform CDN layers: Purge and Ban.
Purge requests
Purge immediately removes content from Varnish. When the client requests the data again, the request bypasses Varnish and Drupal responds to the request. This is a path-based approach. This is the primary approach for customers using Drupal 7 and the Acquia Purge module.
Ban requests
Ban adds cached object references to a list, and client requests are checked against this list to see if there are any matches. If so, new content is fetched from the application, returned to the client, and added to the cache. Cached content is updated after a client requests the information, unlike the Purge method. This is the primary approach for customers using Drupal 9 with Purge and Acquia Purge modules.
Configuring your Drupal site for cache invalidation
Follow the next steps based on your Drupal version:
Platform CDN cache invalidation
Platform CDN respects Cache-Control and Surrogate-Control HTTP headers and tag-based invalidation. Acquia recommends using both methods as part of your application’s caching strategy.
Drupal 9 HTTP headers
Coupled with the Purge and Acquia Purge modules, the Drupal 9 cache invalidation framework expires content at Acquia Varnish and Platform CDN whenever changes occur to tagged content. This feature means that cache lifetimes at both Acquia Varnish and Platform CDN can be set to very long times and even months.
For information about how the Drupal application sets cache headers, see:
For broader control over Platform CDN objects, Acquia recommends the HTTP Cache Control module.
Drupal 7 HTTP headers: Basic configuration
Drupal 7 does not natively support tag-based invalidation. Therefore, Acquia recommends setting Drupal’s maximum time for keeping cached assets to 60 minutes. This allows assets to remain cached for a moderate amount of time before updates are fetched from Drupal. This value can be configured downwards to ensure that your visitors receive the updated content.
To configure the maximum time, log in with administrator privileges and navigate to config/development/performance. Enable caching for anonymous users and set Expiration of cached pages to the duration you require.
These settings generate the following HTTP header:
Cache-Control: public, max-age=3600
Public means the response can be stored by all caches, including Varnish, Platform CDN, and browser caches.
Cache-Control header settings only apply to dynamic content. All static assets, such as CSS fonts, images, and JavaScript files, are given Cache-Control headers by an .htaccess directive and the Apache web infrastructure:
Cache-Control: max-age=1209600
Drupal 7 HTTP headers: Advanced configuration
To get further control over Platform CDN objects, follow the instructions in Configuring Platform CDN with Drupal 7 and Cache Control Headers.
Javascript HTTP headers
You can leverage Cache-Control and Surrogate-Control HTTP headers and tag-based invalidation in Javascript applications based on Node.JS.
Cache-Control works when you set it up on the server side. When you do not set up this header on the server side, the Age header increases to 3600 seconds. Here, 3600 seconds is the TTL value. For example,
[cloudservicesdev|hosting-dev:nodejs-dev] ~/abc/git$ curl -I http://nodejs-i.john-galvin.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Content-Length: 1840
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:19:05 GMT
Age: 1228
X-Served-By: cache-bom4733-BOM
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1664360345.110256,VS0,VE1
Via: Acquia Platform CDN 1.176, HTTP/1.1 forward.http.proxy:3128
Connection: keep-alive
[cloudservicesdev|hosting-dev:nodejs-dev] ~/abc/git$ curl -I http://nodejs-i.john-galvin.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Content-Length: 1840
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:19:38 GMT
Age: 1262
X-Served-By: cache-bom4734-BOM
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1664360379.803699,VS0,VE1
Via: Acquia Platform CDN 1.176, HTTP/1.1 forward.http.proxy:3128
Connection: keep-alive
[cloudservicesdev|hosting-dev:nodejs-dev] ~/abc/git$ curl -I http://nodejs-i.john-galvin.com/
HTTP/1.1 200 OK
Content-Length: 1840
Server: nginx
Content-Type: text/html
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:25:53 GMT
Age: 1636
X-Served-By: cache-bom4723-BOM
X-Cache: HIT
X-Cache-Hits: 2
X-Timer: S1664360753.388986,VS0,VE0
Via: Acquia Platform CDN 1.176, HTTP/1.1 forward.http.proxy:3128
Connection: keep-alive
[cloudservicesdev|hosting-dev:nodejs-dev] ~/abc/git$ curl -I http://nodejs-i.john-galvin.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Content-Length: 1840
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:27:15 GMT
Age: 1718
X-Served-By: cache-bom4740-BOM
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1664360835.145788,VS0,VE1
Via: Acquia Platform CDN 1.176, HTTP/1.1 forward.http.proxy:3128
Connection: keep-alive
[cloudservicesdev|hosting-dev:nodejs-dev] ~/abc/git$ curl -I http://nodejs-i.john-galvin.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Content-Length: 1840
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:39:35 GMT
Age: 2458
X-Served-By: cache-bom4744-BOM
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1664361575.491825,VS0,VE1
Via: Acquia Platform CDN 1.176, HTTP/1.1 forward.http.proxy:3128
Connection: keep-aliveTo set up the Cache-Control header on the server (Acquia domain, for example, https://testdev.prod.acquia-sites.com/), run the following command and restart your server:
[cloudservicesdev|hosting-dev:nodejs-dev] ~/abc/git$ curl -Ik https://testdev.prod.acquia-sites.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 11:12:52 GMT
Content-Type: text/html
Connection: keep-alive
Cache-Control: max-age=100, no-cacheNote that Platform CDN takes around 30 mins for the changes to come in effect. As per the example, you can verify the changes by accessing the Acquia domain: https://testdev.prod.acquia-sites.com/. This returns the Cache-Control header in the response. After around 30 minutes, you can access the Node.js domain to view the Cache-Control header as well:
[cloudservicesdev|hosting-dev:nodejs-dev] ~/abc/git$ date && curl -I http://nodejs-i.john-galvin.com/
Wed Sep 28 16:32:12 IST 2022
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Cache-Control: max-age=100, no-cache
Content-Length: 1840
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 11:02:13 GMT
Age: 0
X-Served-By: cache-maa10229-MAA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664362933.464853,VS0,VE445
Via: Acquia Platform CDN 1.176, HTTP/1.1 forward.http.proxy:3128
Connection: keep-aliveClearing the Platform CDN cache