User-Friendly URL (Edge CNAME)

Applies To:

HTTP LargeThis platform has been optimized to cache and deliver static content (e.g., HTML, CSS, JavaScript, ISO, multimedia, and software downloads, etc.) over HTTP or HTTPS.

HTTP SmallLegacy. If you are currently serving traffic over this platform, then you may continue to do so. However, we recommend that you serve your traffic over our more robust HTTP Large platform.

ADNThe Application Delivery Network platform has been optimized to deliver dynamic content (e.g., login credentials, account information, etc.) over HTTP or HTTPS. Typically, user-specific and database-driven content are served over this platform.

Use a user-friendly URL, which is known as an edge CNAME URLThis type of URL takes advantage of an edge CNAME configuration and a CNAME record to provide a friendlier alternative to a CDN URL. An edge CNAME URL is specific to the platform from which it was configured., instead of a CDN URLA system-defined URL that points to a CDN hostname. A CDN URL allows content delivery via our network. Simplify your CDN setup by also creating an edge CNAME configuration which potentially allows you to deliver traffic via the CDN using the same links as your current setup..

Edge CNAME URLs are typically shorter and easier to remember than CDN URLs. Additionally, you may set up an edge CNAME URL to reflect your current workflow. Doing so allows you to transition to our service through a quick DNS update.

Setting up an edge CNAME URL requires:

A Canonical Name (CNAME) record that points the desired hostname (e.g., cdn.example.com) to a CDN hostnameRefers to a system-defined hostname that is specific to your customer account and a CDN service. (e.g., wpc.0001.edgecastcdn.net).

This CNAME record should be updated or deleted when the corresponding edge CNAME configuration is deleted or deactivated.
Learn more.

An edge CNAME configuration that identifies:

The hostname (e.g., cdn.example.com) defined in a CNAME record.

The type of origin which can be either of the following:

Customer origin: Select a content access point that determines how the edge CNAME will leverage a specific customer origin.

Content Access Point	Usage
/80ANThis term represents your customer account number (e.g., 0001) which can be found in the upper right-hand corner of the MCC./CustomerOriginIdentifies a customer origin configuration by its directory name.	Standard HTTP/HTTPS requests to the specified customer origin.
/84ANThis term represents your customer account number (e.g., 0001) which can be found in the upper right-hand corner of the MCC./CustomerOriginIdentifies a customer origin configuration by its directory name.	Dynamic Cloud Packaging - On-Demand Streaming Playback requests for on-demand content stored on the specified customer origin.

Content Access Point

Usage

/80ANThis term represents your customer account number (e.g., 0001) which can be found in the upper right-hand corner of the MCC./CustomerOriginIdentifies a customer origin configuration by its directory name.

Standard HTTP/HTTPS requests to the specified customer origin.

/84ANThis term represents your customer account number (e.g., 0001) which can be found in the upper right-hand corner of the MCC./CustomerOriginIdentifies a customer origin configuration by its directory name.

Dynamic Cloud Packaging - On-Demand Streaming

Playback requests for on-demand content stored on the specified customer origin.

CDN storage: Select a content access point that determines how the edge CNAME will leverage our CDN storage solution.

Content Access Point	Usage
/00ANThis term represents your customer account number (e.g., 0001) which can be found in the upper right-hand corner of the MCC.	Standard HTTP/HTTPS requests to CDN storage.
/20ANThis term represents your customer account number (e.g., 0001) which can be found in the upper right-hand corner of the MCC.	Live Streaming - Dynamic Cloud Packaging Push requests generated by an encoder for live streams.
/24ANThis term represents your customer account number (e.g., 0001) which can be found in the upper right-hand corner of the MCC.	Dynamic Cloud Packaging - Live Streaming Playback requests for live streaming.
/04ANThis term represents your customer account number (e.g., 0001) which can be found in the upper right-hand corner of the MCC.	Dynamic Cloud Packaging - On-Demand Streaming Playback requests for on-demand content stored on our CDN storage solution.

An optional directory path that defines a new root directory to which requests will be directed.

Defining a relative path will shorten the length of the edge CNAME URL.

View a sample scenario.

This sample scenario assumes that the following configuration has been defined.

Service Provider	Type	Configuration
CDN	Customer Origin	Directory: myorigin
CDN	Edge CNAME	Name: cdn.example.com Points To: Customer Origin: /800001/myorigin Directory path: /marketing/resources
DNS	CNAME Record	Name / Host / Alias: cdn.example.com Value / Answer / Destination: wpc.0001.{Base Domain}

Service Provider

Type

Configuration

CDN

Customer Origin

Directory:

myorigin

CDN

Edge CNAME

Name:

cdn.example.com

Points To:

Customer Origin:

/800001/myorigin

Directory path:

/marketing/resources

DNS

CNAME Record

Name / Host / Alias:

cdn.example.com

Value / Answer / Destination:

wpc.0001.{Base Domain}

In this scenario, requests to cdn.example.com will actually point to the following CDN URL:

http://wpc.0001.edgecastcdn.net/800001/myorigin/marketing/resources/

Setting up an edge CNAME configuration will not update or set the corresponding CNAME record. A CNAME record must be defined via a DNS service provider before an edge CNAME URL may be used.

Key information:

Do not specify a protocol (e.g., http:// or https://) in the New Edge Cname option.
All alphabet characters in the New Edge Cname option should be specified in lower-case letters.
Set a CNAME record via a DNS service provider.
Adding, modifying, or deleting an edge CNAME may take up to an hour to take effect.
Edge CNAMEs may be sorted by hostname, origin directory, or by origin type.
The list of edge CNAMEs may be filtered by specifying a partial or complete hostname. A case-sensitive wildcard search will be performed for all edge CNAMEs whose name contains the specified value.

Clear a search by searching for a blank value.

View Example

Searching for cdn would include all of the following results:

cdn1.example.com

www.cdnow.com

www.amazingcdn.net

It would exclude all of the following results:

CDN.example.com

www.cd.net
By default, Analytics tracks CDN usage activity in a variety of different ways. However, CDN usage on a per edge CNAME basis will only be tracked if the Custom Reports option has been enabled on each desired edge CNAME. After which, our edge servers will track the amount of data transferred and hits for each edge CNAME on which it has been enabled.

Custom reports are available from the Custom Reports module. Load this module from the main menu by finding the Analytics menu and then selecting Custom Reports. After which, select the desired report from the side navigation bar.
Learn more about Custom Reports.

To set up CNAME record support

Navigate to the Edge CNAMEs page corresponding to the desired platform. How?From the main menu, navigate to [HTTP Large, HTTP Small, or ADN] | Edge CNAMEs.
In the New Edge Cname option, type the hostname that will be associated with the edge CNAME configuration.

This hostname should be specified in lower-case letters and should not include a protocol (i.e., http://).
In the Points To option, select whether the edge CNAME will point to a customer origin or CDN origin server.
In the Origin Directory option, select one of the following:
- CDN Origin: Select whether the edge CNAME will leverage our CDN storage solution for standard HTTP/HTTPS requests (i.e., /00ANThis term represents your customer account number (e.g., 0001) which can be found in the upper right-hand corner of the MCC.) or on-demand streaming.
- Customer Origin: Select the desired customer origin configuration (/80ANThis term represents your customer account number (e.g., 0001) which can be found in the upper right-hand corner of the MCC./customeroriginIdentifies a customer origin configuration by its directory name.).
By default, an edge CNAME configuration will point to the root folder of the selected origin server. Point the edge CNAME to a subdirectory by specifying the relative path to it (e.g., /marketing/conferences).
In the Custom Reports option, choose whether custom data logging will be enabled for the edge CNAME being created.
Click Add.
Register a CNAME record via a DNS service provider.
- The CNAME record's name should point to the hostname associated with the edge CNAME configuration as defined in step 2.
- The CNAME record's value should be set to a CDN hostname.
Learn more.

To modify an edge CNAME

Navigate to the Edge CNAMEs page corresponding to the desired platform. How?From the main menu, navigate to [HTTP Large, HTTP Small, or ADN] | Edge CNAMEs.
Click the next to the desired edge CNAME.
Modify the edge CNAME's settings as needed.
Click Update to save your changes.
If the New Edge Cname option has been modified, make sure to update the corresponding CNAME record via a DNS service provider.

To delete an edge CNAME

Navigate to the Edge CNAMEs page corresponding to the desired platform. How?From the main menu, navigate to [HTTP Large, HTTP Small, or ADN] | Edge CNAMEs.
Click the next to the edge CNAME that you would like to delete.
When prompted, confirm the deletion of the selected edge CNAME.
Make sure to update or delete the corresponding CNAME record via a DNS service provider.

Learn more.

Rules Engine contains the ability to match all requests that originate from a particular edge CNAME. This type of configuration will prevent the corresponding edge CNAME from being deleted. In order to delete the edge CNAME in question, please make sure to first modify or delete all match conditions that reference it.

Setting up DNS for an Edge CNAME

Our CDN will not serve traffic over an edge CNAME until your DNS configuration has been updated to point to it.

Key information:

An edge CNAME configuration requires a canonical name (CNAME) record.
This CNAME record must be defined through your DNS service provider.
Alias: The CNAME record's name should point to the hostname associated with the edge CNAME configuration.

For example, if an edge CNAME has been configured for cdn.example.com, then a CNAME record called cdn should be created in the example.com zone.

An edge CNAME's optional directory path will not affect the configuration of the corresponding CNAME record. Our edge servers will automatically rewrite the edge CNAME URL to the appropriate folder.

Value: The CNAME record 's value should point to a CDN hostnameRefers to a system-defined hostname that is specific to your customer account and a CDN service.. This hostname varies according to whether it will serve HTTP or HTTPS traffic.

URI Scheme	Configuration
HTTP	Set the CNAME record's value to the hostname defined under the Points To column on the Edge CNAMEs page. Sample CDN hostnames: HTTP Large:wpc.0001.edgecastcdn.net HTTP Small: wac.0001.edgecastcdn.net ADN: adn.0001.edgecastcdn.net
HTTPS	Set the CNAME record's value to the system-defined hostname assigned to the TLS certificate associated with the edge CNAME configuration. This hostname is provided by your CDN account manager once the TLS certificate is provisioned on our network.

URI Scheme

Configuration

HTTP

Set the CNAME record's value to the hostname defined under the Points To column on the Edge CNAMEs page.

Sample CDN hostnames:

HTTP Large:wpc.0001.edgecastcdn.net
HTTP Small: wac.0001.edgecastcdn.net
ADN: adn.0001.edgecastcdn.net

HTTPS

Set the CNAME record's value to the system-defined hostname assigned to the TLS certificate associated with the edge CNAME configuration. This hostname is provided by your CDN account manager once the TLS certificate is provisioned on our network.

Avoid the following common mistakes:

Do not use an address or host (i.e., A or AAAA) record when setting up DNS for your edge CNAME.

More Information

An A record links a hostname to an IP address. Our CDN service consists of a distributed worldwide network. Requests for your content will resolve to different IP addresses according to various factors, such as the platform/feature being requested, the client's location, and the geographical delivery region associated with your account. Setting up your edge CNAME to always resolve to the same IP address will lead to sub-optimal performance.
Point a CNAME record to the appropriate hostname defined in the above table.
- HTTP: If an edge CNAME will not be associated with a TLS certificate, then make sure to point your CNAME record to the hostname indicated on the Edge CNAMEs page.
- External TLS Certificate: Do not point your CNAME record to the hostname defined in the TLS certificate. This type of configuration is unsupported and does not grant any additional benefits or security to your HTTP traffic.
- Multiple TLS Certificates: There is no guarantee that all of your TLS certificates will be placed on the same hostname. Therefore, it is important to double-check the CDN account manager-provided hostnames for each TLS certificate when setting up CNAME records.

Correcting an Insecure CNAME Configuration

An insecure CNAME configuration makes it possible for a malicious actor to host their content through your account.

It is possible to set up an insecure CDN configuration that bypasses edge CNAMEs by directly pointing a CNAME record to our service. This type of configuration results in URLs with the following format:

[http|https]://CNAME/Content Access PointThis URL segment of a CDN URL identifies where the request should be directed. This relative path starts directly after the CDN hostname. The proper syntax for a content access point is "/yyAN," where "yy" stands for the origin identifier and "AN" stands for a customer account number. A content access point for a customer origin also includes a directory that identifies it./Path

Sample URL that leverages an insecure CNAME configuration:

http://cdn.example.com/800001/myorigin/index.html

If your account is currently configured as indicated above, then we strongly recommend that you create an edge CNAME configuration that points to that origin and then remove the content access point from your links.

For example, upon creating an edge CNAME configuration that points to myorigin, you should update the above URL to:
http://cdn.example.com/index.html.

This vulnerability is restricted to URLs that bypass edge CNAMEs by leveraging a CNAME record defined within your zone followed by a content access point. CDN URLs, which require that the content access point be defined within the URL, are not affected by this issue.

To correct an insecure CNAME configuration

Identify all CNAME records that meet both of the following conditions:
- The record points to our CDN service.
- A corresponding edge CNAME configuration does not exist.
Example:

If you have a CNAME record called cdn in the example.com zone and it points to our CDN service, then verify that the following edge CNAME configuration exists:

cdn.example.com
Identify each customer origin and CDN origin that is explicitly defined within a URL that is affected by this misconfiguration.

Example:

Let's assume that the following URLs serve traffic:

http://cdn.example.com/800001/myorigin/index.html

http://cdn.example.com/800001/sales/index.html

http://cdn.example.com/800001/marketing/index.html

Each of the above URLs point to a different customer origin. Specifically, they point to myorigin, sales, and marketing.
Leverage Rules Engine's URL Rewrite feature to rewrite URLs for each origin identified in the previous step.

Setting up edge CNAME configurations will cause your existing links to contain redundant URL segments. Therefore, it is critical to rewrite your URLs when transitioning to a secure CNAME configuration in order to prevent those requests from returning a 404 Not Found.

The URL Rewrite feature requires Rules Engine - Advanced Rules which must be purchased separately. Contact your CDN account manager to activate it.

URL Rewrite configuration:
- Source: Set the Source option to:
  
  /Content Access Point/Content Access Point/(.*)
- Destination: Set the Destination option to:
  
  /Content Access Point/$1
The above URL Rewrite configuration removes redundant URL segments from URLs that point to a specific origin.

Sample configuration:

This example rewrites URLs that point to the following customer origin:

/800001/marketing

Configure the URL Rewrite feature as indicated below.
- Source:
  
  /800001/marketing/800001/marketing/(.*)
- Destination:
  
  /800001/marketing/$1
Deploy a policy that contains the above rule and then wait until it has been fully deployed to the Production environment.

It may take up to an hour before a policy is fully deployed to the Production environment.
Create an edge CNAME configuration for each CNAME record identified in step 1. Wait an hour to ensure that your edge CNAME configurations have taken effect.
Verify that your edge CNAME URLs return your content.

Example:

Let's assume that you currently use the following URL:

http://cdn.example.com/800001/myorigin/index.html

Remove the content access point and then verify that the URL returns your web page:

http://cdn.example.com/index.html
Remove the content access point from all links that leverage each CNAME record identified in step 1.

Example:

This example assumes that you currently use the following base URL:

https://cdn.example.com/800001/myorigin

You should remove 800001/myorigin from your links. Use the following base URL instead:

https://cdn.example.com/
Optional. Upon verifying that URLs that leverage an insecure configuration are no longer being requested, you may remove the URL rewrite(s) created in step 3.

Setting up DNS for an Edge CNAME Deactivation

A best practice for a deactivated edge CNAME configuration is to perform one of the following actions via your DNS service provider:

Update the corresponding CNAME record to point away from our CDN service.
Remove the corresponding CNAME record from the DNS zone.

This best practice is designed to reduce your risk exposure.

Edge CNAME Deactivation

An edge CNAME configuration may be deactivated due to any of the following actions:

Edge CNAME configuration deletion
Customer account deactivation

A customer account will be deactivated under any of the following conditions:
- A customer account was deleted.
- A suspended customer account experienced an extended period of inactivity.
  
  A customer account may be suspended in response to a failure to provide payment within a reasonable time frame.
- A trial account has expired.

More Information

Custom Reports Module
- Edge CNAMEs