IT notes

Domain Fronting

If your domain becomes blocked you “could use” another one to bypass the block: curl -s -H "Host: your-blocked-domain" -H "Connection: close" "https://new-tld/your/path" Both domains must be hosted within the same CDN, example: curl -s -H "Host:" -H "Connection: close" "" More info:

cdn token

Restrict access only to the CDN (cloudfront) To only allow, handle request from the CDN you could add a custom header/token and check on your backend (nginx/haproxy) if is matching otherwise return a 401 If using AWS cloudfront you edit your origins like this: The token can be any UUID / has or common secret between the CDN and the backend. If your backends are using nginx you could verify the token like this: