Setup push invalidation for Cloudflare
Note: All non-production / lower environments that are fronted by a CDN, should set the x-push-invalidation header to disabled and still honor the origin cache control headers, which will automatically result in short-lived TTLs. See Push Invalidation Worker Settings for more details.
Push invalidation automatically purges content on the production CDN (e.g. www.yourdomain.com) whenever content or code changes are made on AEM origins with the main branch in the host name (e.g. main--site--org.aem.live). Changes pushed to other origins do not trigger push invalidation.
Content is purged by URL and by cache tag/key.
Push invalidation is enabled by registering a Cloudflare purge token in the CDN section of the configuration service.
curl --request POST \
--url https://admin.hlx.page/config/{org}/sites/{site}/cdn.json \
--header 'content-type: application/json' \
--data '{
"prod": {
"host": "{production host}",
"type": "cloudflare",
"plan": "enterprise",
"zoneId": "{cloudflare_zone_id}",
"apiToken": "{cloudflare_api_token}"
}
}'
Configuration properties:
| key | value | comment |
host |
<Production Host> |
Host name of production site, e.g. www.yourdomain.com |
type |
cloudflare |
|
plan |
e.g. free |
values: default: |
zoneId |
<Cloudflare Zone ID> |
ID of production zone |
apiToken |
<Cloudflare API Token> |
To create an API Token,
- go to API Tokens
- click on "Create Token",
- go to "Create Custom Token" at the bottom and click on "Get started"
- enter a token name (e.g.
"Production Site Purge Token"), - Permissions: "Zone", "Cache Purge", "Purge"
- Zone Resources: "Include", "Specific zone", "<your production zone>"
- click on "Continue to summary"
- click on "Create Token",
- copy the generated token value.
Note that only sites on the enterprise plan will be surgically purged by url and cache key. A Purge All will be performed instead on non-enterprise sites every time an author publishes a content change.
You can validate the credentials with this tool.