[Support Guide] Why not proxy to Netlify?

Last reviewed by Netlify Support in March 2022

Netlify runs a CDN backed by several separate network service providers, and our CDN automatically routes your web visitors’ traffic to a network-nearby server to give them the fastest possible response time…as long as you let their browsers talk directly to our CDN!

We know you want your your web traffic to be fast; your deploys and rollbacks to be atomic; and your Analytics data to be useful.

If you proxy to Netlify, you’ll have problems with all of the above since those features of our service are only possible if you configure your DNS to point directly to Netlify, rather than through a proxy server or service. Why’s that?

Let’s dig in!

There are many capable network providers out in the world - from the Google and Amazon sized giants, through more CDN-specific offerings like Cloudflare and Akamai and Fastly. We do not disagree - they’re great at what they do! Heck, our CDN is partially powered by Google and Amazon’s cloud offerings. But, when you use them in front of Netlify’s CDN, they break all of those great features I described above.

Here’s why putting a proxy in front of our network is a bad idea:

  1. Speed: putting an extra network hop like Cloudflare or Fastly in front of us adds another point of failure in the request path, and “more network hops” has never been a thing that makes a site load faster.
  2. Atomic rollbacks and deploys: Most CDN providers cache some content, which can break our atomic rollbacks and deploys - making sure your site content is consistent across all browsers accessing the site at any specific moment in time.
  3. More accurate analytics: Our Analytics service counts IP addresses to approximate “Unique Visitors”. If you put Cloudflare in front, only Cloudflare’s IPs talk to us, so you get situations like “104 unique visitors loaded how many hundred thousand pages?”
  4. Our split testing feature will not work reliably: When you enable split testing, requests directly to our CDN are handled correctly. Requests to other CDN’s that cache content will break the affiliation and potentially serve visitors mixed content from all of your actively-testing branches.
  5. Quicker, more straightforward help: And finally, we can’t usefully provide tech support when there’s a “black box” between the browser and our service. The owners of the black box may be able to, but we can’t help with what we can’t see, no matter how much you pay us.
  6. In some cases, we’ll rate limit vast numbers of connections to your site (returning an HTTP 429), more than a visitor would make in the same time frame, to help block abusive traffic. Your proxy host could look like abusive traffic to our CDN, if it sends enough quickly enough from the same IP address.

This article goes into some more depth about how to configure Cloudflare’s DNS to NOT proxy to us, and goes into more details about the specific pitfalls we’ve seen before using Cloudflare “in front of” Netlify. Can you do it? Sure! Thousands do! But… from the members of that group who’ve written in for tech support, the overwhelming majority of our “problem solved!” successful answers have been achieved by this answer: “it will work if you turn off that proxying…”

If you cannot change your proxying-to-Netlify configuration for some reason, you might try changing it to point to yoursitename.netlify.app instead of yoursitename.netlify.com due to our migration described here . But we will not provide any further tech support on that configuration as it causes all the problems listed in this article and we do not intend for people to configure their sites this way.

2 Likes
Use Cloudflare Nameservers and remove Netlify Nameservers
Do you proxy to Netlify from another CDN?
Installing Netlify SSL Certificate on Other Servers
Content Distribution in China
Download speed through proxy is really slow
[Support Guide] What problems could occur when using Cloudflare in front of Netlify?
Slow CDN on my game
Reduce Initial Server Response Time Issue (TTFB) with Gatsby Netlify site
Custom SSL certificate is no longer served by the server
Function rewrites based on HTTP method for REST API
Deploy WP site on main domain and netlify app as a subdirectory of said domain - possible? and how?
Reverse Proxy on Netlify
"Slow" TTFBs over 500ms on requests?
Setting up a custom domain - transferring from Cloudflare
SSL certificates are now available for externally proxied sites
I desperately need technical help and my question keeps getting hidden!
[Support Guide] Compiled CDN Resources — start here!
Proxy Redirect with CORS issue, site not working?
Specify origin server and turn off Netlify CDN
Hosting on Netlify while addressing my client's security & convenience concerns
[Support Guide] Performance troubleshooting your Netlify site
Getting hammered with ERR_SSL_PROTOCOL_ERROR
Sites Down. Is Netlify down?
Split testing Under the Hood?
[Support Guide] How can I alter trailing slash behaviour in my URLs? Will enabling Pretty URLs help?
Followups from 25 Mar 2021 Service Degradation
[Support Guide] What problems could occur when using Cloudflare in front of Netlify?
Changes coming to Netlify site URLs: .com to .app
429s being returned for some assets on our website
"Not Found" when proxy passing website
Analytics doesn't display meaningful data
Invalid SSL Cert; security certificate is from *.netlify.com

Last reviewed in August 2021.