Important note

This tutorial assumes you have already created a Pull Zone. If you plan on using custom domains to pull files from the CDN you should setup your CNAME records within the CloudFlare DNS editor, and not on the web-hosting end!

What is CloudFlare

CloudFlare is a free system that acts as a proxy between your visitors and our server. By acting as a proxy, CloudFlare caches content for your site, which lowers the number of requests to our servers, but still allows visitors to access your site.

What is a CDN?

CDN stands for Content Delivery Network, and it works by acting as a reverse proxy that caches all your static contents, and serves them to your website visitors from servers spread across the globe. This can lower the number of requests sent to your server to zero at any given moment, as long as the cached files are neither expired nor purged from the network. When the static contents are served to your website visitors from servers that are closer to them than your web server, the website loads faster, which provides a better user experience and also reduces the load on your web server.

The conflicts

  1. The First Conflict
    The way CloudFlare works includes appending cookies and custom expiry headers that look like this:

    sh-4.1$ curl -I
            HTTP/1.1 406 Not Acceptable
            Server: cloudflare-nginx
            Date: Tue, 14 Aug 2012 14:31:59 GMT
            Content-Type: text/html; charset=UTF-8
            Connection: keep-alive
            Vary: Accept-Encoding,Cookie,User-Agent
            Expires: Wed, 15 Aug 2012 14:31:59 GMT
            Set-Cookie: __cfduid=de8b7126ad3841cd0da33c69651231c901344954719; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/;

    When these cookies and headers are sent to our CDN Network, it causes a conflict that prevents us from properly caching your static assets. That results in a very low cache hit percentage, along with an increased number of requests being sent to CloudFlare, which will negatively affect the load speed of your website.

  2. The Solution for the First Conflict
    We have implemented a new option within the Control Panel, which ignores the cookie’s existence on requested files. So after the CDN pulls the file from origin, it will ignore the cookie and cache the file.
    This option is available within the Settings tab after you go to Manage Zone. Click the box next to Strip All Cookies and then click Update:
  3. Scheme for the First Conflict
  4. The Second Conflict
    CloudFlare automatically utilizes a load balancer, which dynamically changes the IP address of your website. Usually this is not an issue, however since our system depends on matching the IP address of the origin website with the FQDN/domain/URL, it will cause a conflict which will result into our servers unable to fetch and cache your static contents, generating a 502 Bad Gateway error.
  5. The Solution for the Second Conflict
    In the past we used Pull Zone 2.0, which utilized the Apache Traffic Server to overcome the dynamic IP problem caused by CloudFlare, Amazon AWS, and other load balancing techniques. Apache Traffic Server had its problems, and lacked support for GZip compression. So we re-invented the Pull Zone to add an option for dynamic IP resolution, which is enabled by default when zone is created. If you have already defined the Origin IP, you can uncheck Origin IP Resolution within your zone’s settings and then dynamic IP resolution will be enabled for that zone. Also, you can contact us at so we can make sure that dynamic IP resolution is definitely enabled for your zone.
  6. The Scheme for the Second Conflict