Important note

This tutorial assumes you have already created a Pull Zone.

If you plan on using custom domains to pull files from the CDN you should setup your CNAME records within the CloudFlare DNS editor, and not on the web-hosting end!

What is CloudFlare

CloudFlare is a free system that acts as a proxy between your visitors and our server. By acting as a proxy, CloudFlare caches content for your site, which lowers the number of requests to our servers, but still allows visitors to access your site.

What is a CDN

CDN stands for Content Delivery Network, and it works by acting as a reverse proxy that caches all your static contents, and serves them to your website visitors from servers spread across the globe. This can lower the number of requests sent to your server to zero at any given moment, as long as the cached files are neither expired nor purged from the network. When the static contents are served to your website visitors from servers that are closer to them than your web server, the website loads faster, which provides a better user experience and also reduces the load on your web server.

The conflicts

First Conflict

The way CloudFlare works includes appending cookies and custom expiry headers that look like this:

sh-4.1$ curl -I
HTTP/1.1 406 Not Acceptable
Server: cloudflare-nginx
Date: Tue, 14 Aug 2012 14:31:59 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding,Cookie,User-Agent
Expires: Wed, 15 Aug 2012 14:31:59 GMT
Set-Cookie: __cfduid=de8b7126ad3841cd0da33c69651231c901344954719; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/;

When these cookies and headers are sent to our CDN Network, it causes a conflict that prevents us from properly caching your static assets. That results in a very low cache hit percentage, along with an increased number of requests being sent to CloudFlare, which will negatively affect the load speed of your website.

Second Conflict

CloudFlare automatically utilizes a load balancer, which dynamically changes the IP address of your website. Usually this is not an issue, however since our system depends on matching the IP address of the origin website with the FQDN/domain/URL, it will cause a conflict which will result into our servers unable to fetch and cache your static contents, generating a 502 Bad Gateway error.

The Solution for the First Conflict

We have implemented a new option within the Control Panel, which ignores the cookie’s existence on requested files. So after the CDN pulls the file from origin, it will ignore the cookie and cache the file.

This option is available within the Settings tab after you go to Manage Zone. Click the box next to Strip All Cookies and then click Update:





The Solution for the Second Conflict

In the past we used Pull Zone 2.0, which utilized the Apache Traffic Server to overcome the dynamic IP problem caused by CloudFlare, Amazon AWS, and other load balancing techniques. Apache Traffic Server had its problems, and lacked support for GZip compression. So we re-invented the Pull Zone to add an option for dynamic IP resolution, which is enabled by default when zone is created. If you have already defined the Origin IP, you can uncheck Origin IP Resolution within your zone’s settings and then dynamic IP resolution will be enabled for that zone. Also, you can contact us at so we can make sure that dynamic IP resolution is definitely enabled for your zone.