Child pages
  • Add HTTP Pull CDN Resource with Advanced Settings
Skip to end of metadata
Go to start of metadata

To create an HTTP resource with advanced settings, use the following request:

POST /cdn_resources.xml
POST /cdn_resources.json

XML Request example

curl -i -X POST -H 'Accept: application/xml' -H 'Content-type: application/xml' -u user:userpass --url http://onapp.test/cdn_resources.xml -d '<cdn_resource><resource_type>HTTP_PULL</resource_type><cdn_hostname></cdn_hostname><origin></origin><cdn_ssl_certificate_id>ssl_sert_id</cdn_ssl_certificate_id><edge_group_ids type="array"><edge_group_id>225</edge_group_id></edge_group_ids><secondary_hostnames type="array"><secondary_hostname></secondary_hostname><secondary_hostname></secondary_hostname></secondary_hostnames><ip_access_policy>BLOCK_BY_DEFAULT</ip_access_policy><ip_addresses>,</ip_addresses><country_access_policy>ALLOW_BY_DEFAULT</country_access_policy><countries type="array"><country>AL</country><country>GT</country></countries><hotlink_policy>ALLOW_BY_DEFAULT</hotlink_policy><domains></domains><url_signing_on>1</url_signing_on><url_signing_key>12345qwertyyu</url_signing_key><cache_expiry>45</cache_expiry><password_on>1</password_on><form_pass><user type="array"><string>user123new</string><string>user234new</string></user><pass type="array"><string>passw123new</string><string>passw234new</string></pass></form_pass><password_unauthorized_html>YOU ARE NOT AUTHORIZED</password_unauthorized_html><flv_pseudo_on>1</flv_pseudo_on><mp4_pseudo_on>0</mp4_pseudo_on><limit_rate>150</limit_rate><limit_rate_after>1</limit_rate_after><proxy_cache_key>$host$uri</proxy_cache_key><proxy_read_time_out>60</proxy_read_time_out><proxy_connect_time_out>20</proxy_connect_time_out><http_bot_blocked>1</http_bot_blocked><origin_policy>HTTP</origin_policy></cdn_resource>'

JSON Request example

curl -i -X POST -H 'Accept: application/json' -H 'Content-type: application/json' -u user:userpass --url http://onapp.test/cdn_resources.json -d '{"cdn_resource":{"resource_type":"HTTP_PULL","origin":"","cdn_hostname":"","cdn_ssl_certificate_id":"ssl_cert_id","edge_group_ids":["225"],"secondary_hostnames":["",""],"ip_access_policy":"ALLOW_BY_DEFAULT","ip_addresses":",","country_access_policy":"BLOCK_BY_DEFAULT","countries":["AL","AR","GT","HR"],"hotlink_policy":"ALLOW_BY_DEFAULT","domains":"","url_signing_on":"1","url_signing_key":"12345sfdfdsfsd","cache_expiry":45,"password_on":1,"form_pass":{"user":["user190","user278"],"pass":["pass123","pass2348"]},"password_unauthorized_html":"<b>You are blocked!</b>","mp4_pseudo_on":"1","mp4_pseudo_on":"1","flv_pseudo_on":"1","ignore_set_cookie_on":"1","limit_rate":"150","limit_rate_after":"1","proxy_cache_key":"$host$uri","proxy_read_time_out":"60","proxy_connect_time_out":"20","http_bot_blocked":1,"origin_policy":"HTTP"}}'                      


origin* - the path from which the CDN requests the content. When using the hostnames according to RFC 1035, the origin may consist of letters [A-Z a-z] (case insensitive manner), digits [0-9], and dash [ - ]. The limit for hostname is 255 chars. You can specify up to 3 origins.

When you are specifying only one origin, it can be either a CDN hostname or an IP address. In case you are specifying more than one origin, they can only be IP addresses.

To send two or more origins in the API request, use array. For example:

<origins type="array">

cdn_hostname* - indicate the hostname which will serve static content. Specify the following fourth-level domain name for this parameter to create a resource with SSL enabled: "", where replace the example with the desired name.

If the CDN hostname ends with '', SSL will be enabled automatically.

resource_type* - HTTP_PULL

(lightbulb)cdn_ssl_certificate_id - the ID of the custom SNI SSL certificate you want to add to the resource. You should only specify the IDs of those certificates that were added by the user with whom the new resource will be associated.

edge_group_ids* - indicate the ID(s) of required CDN edge groups

secondary_hostnames - an array of secondary CDN hostnames. You can add up to 7 secondary CDN hostnames. For example:

<secondary_hostnames type="array">	

To be able to use a secondary hostname for the CDN resource with SSL enabled, you require an SSL certificate for your custom hostname. For help with questions about the SSL certificate purchase, please contact OnApp support.

ip_access_policy - configure a rule to control access to the CDN resource's content for a range of IP addresses:

  • ALLOW_BY_DEFAULT - allow IP access policy by default, except for IP addresses specified in the ip_addresses parameter
  • BLOCK_BY_DEFAULT - block IP access policy by default, except for IP addresses specified in the ip_addresses parameter
  • NONE - switch off the IP access policy

ip_addresses - IP address(es) related to ip_access_policy parameter; The comma-separated list of IP addresses or IP ranges allowed/blocked by default. Use the following format ","

hotlink_policy - configure hotlink policy properties to protect your content from unauthorized hotlinking:

  • ALLOW_BY_DEFAULT - allow hotlink policy by default, except for domains specified in the domains parameter
  • BLOCK_BY_DEFAULT - block hotlink_policy by default, except for domains specified in the domains parameter
  • NONE - switch off the rule

domains - domains related to hotlink_policy

country_access_policy - configure a rule to control access to the CDN resource's content for specified countries:

  • ALLOW_BY_DEFAULT - allow country access policy by default, except for countries specified in the countries parameter
  • BLOCK_BY_DEFAULT - block country access policy by default, except for countries specified in the countries parameter
  • NONE - switch off the country access policy

countries - country codes, related to country_access_policy in ISO 3166-1 alpha-2 format

cache_expiry - set the cache expiry time in minutes (min=1, max=35000000)

url_signing_on - set 1 to enable and protect your files from unauthorized access with a key

url_signing_key - input the key for URL signing. Input letters and digits (6-32 symbols).

password_on - set 1 to enable and to restrict access to the resource (cdn_hostname), otherwise set 0

form_pass - an array with usernames and passwords to access the resource

pass - the user password.

user - the user login, which may consist of letters [A-Z a-z] (case insensitive manner), digits [0-9], underscore [ _ ], and dash [ - ].The first symbol should be alphabetic. The username cannot be duplicated.

password_unauthorized_html - text, which will be displayed in case of fail of authentication. Max 1000 chars.

mp4_pseudo_on - set 1 to enable MP4 pseudo streaming, otherwise set 0

flv_pseudo_on - set 1 to enable FLV pseudo streaming, otherwise set 0

ignore_set_cookie_on -set 1 to enable caching content with Set-Cookie response headers, otherwise set 0 to ignore content caching

Nginx Settings

  • limit_rate - sets speed limit of a response to a client (per request) in KB/s. Maximum limit rate value - 2147483647 KB/s
  • limit_rate_after - sets the amount after which the speed of a response to a client will be limited in KB. Maximum limit rate after value -2147483647 KB
  • proxy_read_time_out - proxy server response timeout in seconds. Maximum proxy read timeout value - 65535 seconds
  • proxy_connect_time_out - timeout for establishing connection with proxy server in seconds. Maximum proxy connect time out value - 75 seconds.
  • proxy_cache_key - specify the key for caching. This parameter defines what information  is included in the cache key.You can set the following options:

    • $host$request_uri
    • $host$uri
    • $proxy_host$request_uri
    • $proxy_host$uri

http_bot_blocked - set 1 to block web crawling bots from indexing the CDN content (for HTTP Pull CDN resources only)

origin_policy - set the parameter to choose the type of connection. Possible values are: HTTP, HTTPS, AUTO.


You will get a response consisting of two parts - the header with HTTP status code and the response body including the parameters. At this stage some of the parameters can be empty. This is expected behavior, because the full process of creation takes some time, and remote service cannot fill in the parameters at this time. For the complete list of parameters use GET request.


XML Response Example


HTTP/1.1 201 
Date: Wed, 31 Jul 2013 09:19:55 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.17
X-UA-Compatible: IE=Edge,chrome=1
ETag: "915066feccf0b14edaa50af485b3b705"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: f48bc47604a5784aafc5f98dab733465
X-Runtime: 0.387472
X-Rack-Cache: invalidate, pass
Set-Cookie: _session_id=2cc141e9002d8d3df5c4033dbda2a090; path=/; HttpOnly
Location: http://onapp.test/cdn_resources/10743
Status: 201
Content-Length: 797
Connection: close
Content-Type: application/xml; charset=utf-8

<?xml version="1.0" encoding="UTF-8"?>
  <created_at type="datetime">2013-07-31T12:19:55+03:00</created_at>
  <id type="integer">10743</id>
  <updated_at type="datetime">2013-07-31T12:19:55+03:00</updated_at>
  <user_id type="integer">20</user_id>
  <last_24h_cost type="float">0.0</last_24h_cost>
  <cdn_reference type="integer">431059243</cdn_reference>
  <secondary_hostnames type="array">
  <origins type="array">
  <ssl_on nil="true"/>

Page history

v 4.0

  • Added cdn_ssl_certificate_id parameter that enables a user to associate a custom SNI SSL certificate with a CDN resource

v. 3.3.1

  Added the following parameter:

  •  origin_policy
#trackbackRdf ($trackbackUtils.getContentIdentifier($page) $page.title $trackbackUtils.getPingUrl($page))
  • No labels