Create HTTP CDN Resource

To add an HTTP CDN resource: 

  1. Go to your Control Panel > CDN > Resources menu. The page that loads shows the list of CDN resources.
  2. To create a new CDN resource, click the "+" button in the top right corner or the CDN Resource Wizard button.

  3. Follow the steps of the CDN resource creation wizard:

On this page:

  1. Type Select

    Select the required resource type - HTTP, by clicking the corresponding button and click Next to proceed.


    • CDN hostname – the hostname from which you will serve static content.
      E.g. if your site (origin) is, and you want to serve static content from the CDN and make it available at, then would be the CDN hostname.
    • Enable SSL - move the slider to the right to enable the secure socket protocol for your CDN resource.

      • Let's Encrypt - select this option if you want to use a Let's Encrypt SSL certificate for the resource

        The Let's Encrypt SSL certificate is automatically generated for the following types of hostname:

        All the hostnames are bundled into one Let's Encrypt SSL certificate. If the secondary hostname cannot be validated, the system generates the LE certificate based on the CDN hostname, CNAME, and Operator Basehostname. The unverified hostname is revalidated by the system every 15 minutes.

      • Shared SSL - choose this option if you want to apply a shared SSL certificate for the resource

        If the SSL protocol is enabled, you can only have fourth-level domain names.
        If you select the Shared SSL certificate, the '' ending will be automatically added to the CDN hostname. Be aware that if CDN hostname ends with '', it can not be digit-only (for example is not applicable).

        A CDN resource can only be linked to one SSL certificate - Let's Encrypt, shared, or custom SNI.

      • Custom SNI SSL - choose this option if you want to apply a custom SNI SSL certificate for the resource and choose the required certificate from the drop-down menu
    • Content origin – specify the content origin type (PULL or PUSH):
      • For the PULL type, you can use a custom origin port. Specify a port number using the colon character (":") in the Origins field. If you do not indicate the origin port, then the system will put it by default depending on origin policy:
        • 80 if origin policy is HTTP

        • 443 if origin policy is HTTPS

        • None if origin policy is AUTO, that is when the origin port is custom

          The valid port values include 80, 443, and the range from 1024 to 65535. Values other than mentioned above will be forbidden.

          In case of using multiple origins, the same port number should be specified for all origins using a colon character (":"). Erase the port number from the origin resource field to reset the custom origin port.

      • For the PUSH type:
        • Storage server location - choose the storage server location from the drop-down menu.
        • FTP password - specify the FTP password. It can consist of 6-32 alphanumeric characters.
        • FTP password confirmation - confirm the password.

    Edge Locations

    Tick the box next to the edge group(s) that will share the new resource. Available groups depend on the assigned bucket's edge groups limit.

    The map displays own, subscribed and available CDN resources:

    Map legend:

    At this point, you can create the CDN resource or proceed to the Advanced Settings step which is optional in the wizard.

    Advanced Settings

    Origin Policy

    Choose the type of the connection from the drop-down menu. Select HTTP, HTTPS or Auto.

    Country Access

    Configure a rule to enable/disable access to the CDN resource’s content for specified countries.

    • Access Policy – select Disabled to switch off the rule, otherwise, choose between Allow by default/Block by default.
    • Except for Countries – select countries to which the access policy won’t be applied. To select more than one country, hold Ctrl during selection.

    Hotlink Policy

    • Hotlink Policy – select Disabled to switch off a hotlink policy, otherwise, choose between Allow by default/Block by default.
    • Except for domains – specify domains to which the hotlink policy won’t be applied

    IP Access

    Configure a rule to enable/disable access to the CDN resource’s content for a range of IP addresses, including both IPv4 and IPv6.

    • Access Policy – select Disabled to switch off the rule, otherwise, choose between Allow by default/Block by default.
    • Except for IP Addresses – fill in IP address(es) to which the access policy won’t be applied.

    Secondary CDN Hostnames
    Submit secondary hostnames apart from the default one for HTTP based CDN sites. With these configured, users will be able to access the CDN site using secondary CDN hostname(s). You can add up to 7 secondary CDN hostnames to your CDN resource.

    To be able to use a secondary hostname for the CDN resource with SSL enabled, you require an SSL certificate for your custom hostname. For help with questions about the SSL certificate purchase, please contact OnApp support.

    URL Signing

    For the instructions on using URL signing, refer to the URL Signing guide.

    Cache Expiry

    • Cache expiry – set the cache expiry time in minutes (min=1, max=35000000).


    • Enable Password – move the slider to the right to restrict access to the resource (cdn hostname).
    • Unauthorized HTML – fill in the text which will be displayed for unauthorized login.
    • Username – choose a  username.
    • Password – select password for the user.

    To remove a user, clear both fields.

    Pseudo Streaming

    • Enable MP4 pseudo streaming – move the slider to the right to enable the pseudo streaming support for MP4 file type.
    • Enable FLV pseudo streaming – move the slider to the right to enable pseudo streaming for FVL file type, respectively.

    With pseudo streaming enabled, your viewers can seek around a video even if it has not finished downloading. A Flash player and a prepared video are required for pseudo-streaming.

  • CORS Header

    • Enable CORS headers - move the slider to the right to enable cross-origin resource sharing (CORS) by adding HTTP header with Access-Control-Allow-Origin: *

  • Ignore Set-Cookie

    Ignore Set-Cookie - move the slider to the right to enable caching content with Set-Cookie response headers.

    Nginx Settings

    • Limit rate - set speed limit of a response to a client (per request) in KB/s. Maximum limit rate value - 2147483647 KB/s
    • Limit rate after - the amount after which the speed of a response to a client will be limited in KB. Maximum limit rate after value -2147483647 KB
    • Proxy cache key - key for caching. Select one of four supported types from the drop-down list:
      • $host$request_uri
      • $host$uri
      • $proxy_host$request_uri
      • $proxy_host$uri

    Search Engine Crawlers

    • Block search engine crawlers - move the slider to the right to block web crawling bots from indexing the CDN content (for HTTP Pull CDN resources only).

    HTTP Live Streaming (HLS) Optimization

    • Enable HLS Optimization - move the slider to enable/disable HLS optimization. This option is available only for HTTP Pull CDN resources. 
    • Enforce Cache Expiry - tick this checkbox to create an HTTP rule that will enforce cache expiry. After you enable HLS optimization during HTTP Pull resource creation or editing, this check box will not be displayed if you edit the resource as long as the Enable HLS Optimization option is switched on. If you disable the option and then enable it again, this checkbox will be displayed. If an enforce cache expiry rule has already been set for the resource, a new rule will not be created after you check this box and save changes. You can manually add or delete the HTTP rule that will enforce cache expiry on the HTTP Caching Rules page of your CDN resource.

  • Click Create CDN Resource.