Information for: DEVELOPERS   PARTNERS

Getting started with Acquia Cloud Edge

The process of getting started with Acquia Cloud Edge requires that you prepare your application by making changes to the following settings:

Note

For a walkthrough of the Acquia Cloud Edge dashboard you will use when changing these settings, visit the Acquia Academy (sign-in required) for the Acquia Cloud Edge Onboarding: Dashboard Walkthrough video tutorial.

Configuring your domain settings

As part of Acquia Cloud Edge, your team must configure your DNS using either of the following methods:

  • Authoritative DNS: You move your DNS to Acquia Cloud Edge, and then use Acquia Cloud Edge as your authoritative DNS service. Acquia recommends using the Authoritative DNS method to maximize the benefits provided by Acquia Cloud Edge. For more information about this method, see Authoritative DNS Implementation on Acquia Academy.

  • Partial CNAME setup: You keep your DNS with your current DNS service, and direct your traffic through Acquia Cloud Edge using a CNAME record. For more information about this method, see CNAME DNS Implementation on Acquia Academy.

    To send traffic for your bare domain to Acquia Cloud Edge, add a redirect on your webserver using a .htaccess file to forward traffic to the subdomains you have proxied through Acquia Cloud Edge.

    Limitations of the Partial CNAME setup

    Domains using the Partial CNAME setup for Acquia Cloud Edge have the following limitations:

    • Distributed denial of service (DDoS) protection for attacks against DNS infrastructure is available only for the domain records you delegate to Acquia Cloud Edge.
    • Security and acceleration benefits are available only for the subdomain records (such as www.example.com) you delegate to Acquia Cloud Edge. Bare, or root, domains (such as example.com) cannot be protected or accelerated using Acquia Cloud Edge due to the DNS RFC (Request for Comment) 1033, which requires root domains to use A records instead of CNAMEs.

Configuring your SSL settings

When setting up Acquia Cloud Edge, your team must configure your SSL settings, and the SSL option you select depends on the nature of your website’s content. Use the information in the following table to help you select the appropriate SSL option for your needs:

SSL Option Description
Off For websites that don’t contain sensitive information (such as a personal blog), the Off option will normally suffice, due to secure connections not being required.
Flexible Acquia does not recommend the Flexible option if your website stores any sensitive information.
Although selecting this option may seem to be safe, doing so can lead to security risks. With this setting enabled, a fully-secure connection exists only between the visitor and Acquia Cloud Edge; not between Acquia Cloud Edge and your origin server.
Visitors will access your website using HTTPS and assume there is a fully-secure connection, which isn’t the case. With the website indicated as secure, a user may share personal or sensitive information, which puts the user at risk of disclosing secure information over an insecure connection.
Full, Full (strict) For use with any website that contains sensitive information. Acquia recommends at least the use of Full, if not Full (strict). The Full (strict) option is the most secure option, as it requires your SSL certificate be valid and signed by a certificate authority, ensuring the maximum level of certificate authenticity.