Wondering how to accelerate drupal with CloudFront? Our Drupal Support team is here to lend a hand with your queries and issues.

How to accelerate drupal with CloudFront?

Today, let us see the steps followed by our Support techs to accelerate drupal with CloudFront.

1.The Path Module allows us to create URL aliases for our content.

By default, Drupal creates URL patterns like https://www.mydrupalwebsite.com/node/2.

When we consider adding a Content Distribution Network, URL aliases also allow us to define the paths within our website, optimising for the type of content they hold.

The Path module allows us to take the URL we just discussed, and alias it into something like https://www.mydrupalwebsite.com/images

2.Within Drupal 8 Administration you will find that “Aggregate CSS files” and “Aggregate JavaScript files” are enabled by default.

This helps reduce the bandwidth requirements between our Origin AWS infrastructure, and the CloudFront Edge nodes.

3.On the same page, you can see that Internal Drupal caching is disabled by default.

This controls the maximum time a page can cache by browsers and proxies, controlled through the value for max-age in Cache-Control headers.

Even if we define a value for this, we can override that setting through the controls offer in Amazon CloudFront, providing us a single interface to control these TTL values.

There is CDN Module, changes file URLs so that CSS, JavaScript, images, audio, and videos can cache within CloudFront more easily.

It also changes the URL when a file is changed by a user in Drupal.

To enable the module, go your Drupal Administration site, and click the Extend Tab.

From there, click the blue button for “+ install new module.”

I looked up the latest version supporting Drupal 8, and provided the URL to the .tar.gz file.

With the module installed, I scrolled down to the bottom of the Extend Tab and enabled both the CDN and CDN UI modules.

Now let’s head over to the AWS Management Console, and use the CloudFront console to create our CloudFront distribution.

Then, we will select Web as the Distribution type.

From there, you can see the following sections, which need to fill in.

Origin Domain Name :

CloudFront is integrated into many AWS services, so it knows about the AWS infrastructure deployed in my AWS account.

I simply scroll down through the list until I find the Application Load Balancer sitting in front of my Drupal EC2 instances.

Origin SSL Protocols:

I have chosen to remove support for TLS 1.

This is entirely your choice and based on the security or risk position you want to take for your own application.

Origin Protocol Policy:

I want to ensure all communications from CloudFront to my Origin occur over HTTPS.

I have enabled the HTTPS Only setting.

Origin Custom Headers :

In some application deployments, you will want to ensure all visitors reach your website using CloudFront.

You may want to stop people going around it, communicating directly with your Origin endpoint.

Using Origin Custom Headers, I can create a “Header Name” and “Value” and add them to my CloudFront distribution.

You can use any values you want, just make sure you take note of them.

With that done, I can then create an AWS WAF ACL to my Application Load Balancer, using a String Matching Condition, which looks for an exact match on the Header Name and Value I have just created.

Section Two: Default Cache Behavior Settings

Viewer Protocol Policy:

I want to ensure that all communications between CloudFront and the viewers of my website are encrypted using HTTPS.

So I change this setting to Redirect HTTP to HTTPS, this means visitors to my website are automatically redirect if they don’t specify a secure connection.

Allowed HTTP Methods:

As with WordPress, my Drupal website supports the use of Forms, so I want CloudFront to support the additional POST HTTP methods for form submissions.

Whitelist Headers:

I want to control how CloudFront caches content. Since Drupal supports multi-site configurations.

I have chosen to cache the Host header, along with the Origin header and the forwarded protocol headers.

Object Caching:

Earlier in this blog I referred to native caching capabilities in Drupal, which include the ability to declare the minimum TTL for objects served from my Drupal origin.

Here you can opt to either leverage the values coming from Drupal, in which case select Use Origin Cache Headers, or if you want to override these values, or control them within CloudFront.

Then select Customize and apply a Default TTL which you want to the default caching period your clients are given.

Forward Cookies:

I recommend that you enable the Whitelist feature and add in the cookies that you would like to be forwarded to your Origin.

Drupal supports a variety of cookie session controls, natively as well as through the Community Modules.

This is particular to your configuration so play with this setting.

Query String Forwarding and Caching:

Drupal makes use of query strings within the URL.

Therefore, I have set this parameter to forward all to my Origin.

If you can refine this down to a whitelist, based on your Drupal application configuration, then you will be able to improve your cache-hit ratio.

Try and ensure static content is presented through static paths, making use of the Path Module where appropriate.

Compress Objects Automatically:

If objects received by CloudFront from the Origin are not compressed, then I want CloudFront to do this for me.

Setting this flag to True means that where possible, CloudFront will compress these objects.

AWS WAF Web ACL:

I recommend that even if you don’t plan to use AWS WAF in the first place that at the very least you enable a blank WAF ACL for each of your CloudFront distributions.

The reason for this is that it takes far less time to add a rule to an empty web ACL than it takes to modify your CloudFront distribution globally to include a Web ACL in its distribution settings.

If you are ever under an attack, then time to respond will be important to you.

This design approach allows you to make effective changes as fast as possible.

Alternative Domain Names:

Here I have added the real Fully Qualified Domain Name(s) for my website, allowing this CloudFront distribution to respond to calls for my domain.

SSL Certificate:

CloudFront offers two options for hosting TLS/SSL certificates.

The default option is to serve only clients that support Server Name Indication (SNI).

With this default option CloudFront associates your certificate with an IP address that is not dedicated to your distribution.

Logging:

I have chosen to configure CloudFront to log all viewer requests for files in my distribution, including logging of the cookies within that session.

This is optional and should enable if you need to collect this data.

Data is stored in Amazon S3.

[Need assistance with a different issue? Our team is available 24/7.]

Conclusion

To sum up, our Support Engineers demonstrated how to accelerate drupal with CloudFront