A lot of people prefer to Put a CDN in Front of Firebase Cloud Storage, but others don’t know why it’s important or how to do that. If you want to know more about CDN and Firebase Cloud Storage, you are in the right place.
Officially, you can’t put a Content Delivery Network (CDN) like Cloudflare in front of Firebase Cloud Storage. Firebase doesn’t allow custom domains.
Firebase is a comprehensive platform that takes care of a lot of your infrastructure needs without you needing to lift a finger. It even comes with its own CDN (content delivery network). But putting Cloudflare (or another CDN provider of your choice like Fastly) in front of Firebase is better.
Why you should put Cloudflare in front of Firebase Cloud Storage?
There are three main reasons that make putting Cloudflare in front of Firebase a good choice:
- Security & Protection: Firebase already have CDN, but it can’t offer you distributed denial of service attacks (DDoS) prevention, web application firewall (WAF), or rate-limiting. On the other side, Cloudflare can.
- Cost Savings & Prevention.
How to Put a CDN in Front of Firebase?
Now, let’s move to the important point, how to put a CDN like Cloudflare in Front of Firebase?
There is a method to put Cloudflare in front of Firebase Cloud Storage. It works with Cloudflare or a similar CDN like Fastly setup.
- In Cloudflare create a new CNAME pointing your subdomain to c.storage.googleapis.com.
- In the Firebase console -> Storage, create a new bucket named the subdomain. In the example above, the bucket name would be “images.firerun.io”. This is a restriction where only the bucket named the same as the subdomain will work.
- Add a test file, for example, keep-calm.jpg
- Next, give the public access to the bucket the Google Console. Note, this is different from Firebase security rules where you should set the security rules to allow externally allow read:
- Go to Storage Management in the Google Console. Select your Firebase project.
- Click on your new bucket (e.g. images.firerun.io) and click on the tab “permissions.”
- Click the “Add Members” button.
- Enter New Member as “allUsers” and Role as Cloud Storage -> Storage Object Viewer”.
- Click “Save” and accept the warning that this is publicly accessible.