Question

Hiding spaces behind cloudflare

I’m wondering if it is possible to use spaces behind the cloudflare proxy for cost and security reasons. As far as I understood, this would involve the following:

  • Set up something to deny all requests to xxx.digitaloceanspaces.com from non-cloudflare IPs
  • Set up a custom subdomain on cloudflare that points to the space

Can spaces be used this way?

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Not sure if this is still an issue here for folk. We’ve recently done this for 4 separate Spaces

  1. Create Space + CDN
  2. Create a desired CNAME for your DO CDN
  3. use Cloudflare’s tool to create origin server self-signed SSL Cert specifically for the CNAME created in step 2.
  4. Use Spaces CDN option to add new subdomain certificate. Use the certificate details from step 3.
  5. You can then proxy via Cloudflare.

I am noticing that DO CDN is still quite slower compared to cloudflare and also for management and security reasons still make sense to keep cloudflare in front of all domains including the spaces domains. With S3 I used this approach mentioned @DavidLevy , but cant make it work with DO Spaces. :/

@tannerchung we just enabled this in Spaces: https://blog.digitalocean.com/custom-subdomains-for-spaces-cdn-endpoints/

Hope it’s what you are looking for. If you have feedback please let us know!