Delivering Content From a Public Backblaze B2 Bucket via Cloudflare CDN Delivering Content From a Public Backblaze B2 Bucket via Cloudflare CDN

Delivering Content From a Public Backblaze B2 Bucket via Cloudflare CDN

Pat Patterson Pat Patterson
This article explains how to configure Cloudflare CDN to serve data from a public B2 Bucket. If you would like to allow Cloudflare to fetch content from a private Backblaze B2 Bucket, see the KB article on using Cloudflare Workers to fetch content from a private B2 Bucket.

Configuring Cloudflare and B2

The partnership between Backblaze and Cloudflare allows you to store content on Backblaze B2 and serve it to end-users via Cloudflare's CDN (Content Delivery Network) with no download fees from Backblaze. This permits content to live in Backblaze B2, yet be delivered with the low latency and high speed of one of the world's premier CDNs. The content consumer sees no difference as they use the same URLs and access your site exactly as before - only with the speed and reliability of Cloudflare. As a webmaster, however, you can make full use of Cloudflare's capabilities such as Edge cache expire TTL.

Serve Data from a Public B2 Bucket

Login to your Backblaze B2 account, and locate (or create) the public bucket that will contain the content for the CDN. Upload a file, if the bucket is empty, and click the information icon to the right of any file's listing.
 
 

The file's "Friendly URL" starts with an origin (protocol and hostname) of the form https://f00x.backblazeb2.com, where x is one of 0, 1, 2, etc, depending on the location of your bucket. Make a note of this origin.

Clicking on the friendly URL link should take you to the image. If clicking on this link generates an error, the bucket may be private rather than public. Toggle the bucket's public/private status from the B2 web UI.

Configure Cloudflare to use B2

Visit https://dash.cloudflare.com/sign-up?lang=en-US and log into your account (Or Signup for an account).

 

Configure Cloudflare with Your Domain

Your domain is the hostname suffix that will be used to retrieve your B2 Bucket's content via Cloudflare, for example, mydomain.com. Add your domain to the bottom of the screen and tap Scan. Cloudflare will read your domain's configuration from DNS. When the scan is complete, push Continue.

 

Add DNS (Domain Name System) Records

Each section of a website that is being fed from a Backblaze B2 bucket requires a specific entry. For example, a site might have separate areas for photos and videos. Remapping photos looks like this:

  1. Select CNAME (Canonical Name) from the record type pulldown.
  2. Type your hostname. To map the bucket to photos.mydomain.com, the Name field would be photos.
  3. Specify the B2 Bucket origin that you noted in the first step. For example, f000.backblazeb2.com.
  4. Click Add Record.
 

Complete the DNS Record

Tap the grey cloud under Status. This should turn it into an orange cloud.

Push Continue at the bottom of the page.

 

Configure Page Rules to Allow Only Your B2 Bucket to be Fetched from your Domain

The DNS configuration maps your domain to any content hosted on the same Backblaze B2 origin as your B2 Bucket, so someone can use your domain to fetch content from another customer's public B2 Bucket. To ensure this doesn't happen, Cloudflare allows you to use Page Rules to scope requests to your bucket.

To configure, click Page Rules from the top navigation and add a rule for each bucket that should allow Cloudflare to cache that content. The last rule should redirect to a "file not found" page similar to the one on the Backblaze website.

In the example below, the bucket name is nilayp. If a request is made to a URL matching https://photos.sarahandnilay.com/file/nilayp/*, Cloudflare will return the requested content. A request to any other bucket will be redirected to https://secure.backblaze.com/404notfound.

 Page_Rules___sarahandnilay_com___Nilayp_gmail_com_s_Account___Cloudflare_-_Web_Performance___Security.jpg

 

Billing

Select the desired Cloudflare billing plan that's appropriate for you. You can use the "Free Website" option; it works with Backblaze B2. For more information about Cloudflare's capabilities, please visit Cloudflare's service plan page. Click Continue to move on.

 

Change the nameservers for the domain

In order for Cloudflare to map your domain on a B2 bucket, Cloudflare must be the domain nameserver for your domain. This is typically done from your domain registrar's website.

Be careful when changing the settings for your domain. If you don't do this correctly - your domain could be temporarily removed from the internet until the settings are corrected.

Once this change is made - it can take up to 24 hours for the changes to propagate across the internet.

 

Ensure the SSL/TLS settings are correct.

Ensure your SSL/TLS settings are set to Full (strict). This is the default setting.

Backblaze B2 only supports secure (HTTPS) connections.

If you have any questions regarding how to set your SSL settings in Cloudflare please review the Cloudflare documentation on encryption modes.

 

 

Accessing Your Backblaze B2 Bucket Content via Cloudflare CDN

Once the DNS changes are propagated, the domain will serve data directly from your Backblaze B2 Bucket. The Cloudflare configuration screen will show the Status as being active.

Browsing to your domain, followed by /file/<bucketname>/filename will display your file.

For example, from the screenshots above, https://photos.sarahandnilay.com/file/nilayp/img.jpg is mapped to https://f000.backblazeb2.com/file/nilayp/img.jpg.

Note that you must use an https:// (TLS-secured) URL. Unsecured HTTP (http:// URLs) is not supported by Backblaze B2.