I selected "Your Origin" as my Origin Type

This is the case if you're using your own custom origin to house target content.

The following additional options and recommended settings are available when you select Your Origin as your Origin Type:



Origin Server Hostname

Input the value that points to the same IP address as the origin domain name. We retrieve content from this address. This has various requirements and options for use:

Tip: Make note of the value input here for later use.
  • There are naming conventions. An Origin Server Hostname must follow a specific naming convention: origin-<original origin hostname>:
    • origin-: This is a fixed value: the word origin, followed by a hyphen (-).
    • <original origin hostname>: This is the name that is expected to appear in the host header.
  • The DNS must be edited. Generation of this configuration does not implement or activate your Origin-server Hostname. Once set, the DNS record for your existing Origin Server needs to be modified using this hostname (either by you or your DNS administrator). You ultimately need your origin's DNS record to point to the same server IP address as this ACE configuration. For example, if the original DNS record contains:

    www.mymedia.com. IN A 1.2.3.4

    The edited record should contain:

    origin-www.mymedia.com. IN A 1.2.3.4

  • Don't use IP addresses as Origin Server Hostnames. While IPv4 or IPv6 format addresses are supported, they are not recommended, as they can change or be reassigned, which may render your domain unreachable (resulting in a denial of service).
  • This option supports variable expression syntax. Typing “{{“ in the option field will trigger variable to auto complete. Additional details on this support are available by mousing over this option in the UI and clicking the “Learn more about variable support” link.

Forward Host Header

Select the host header you want the product to pass to your origin server. This is referred to as the "Forward Host Header" because it is the hostname the product “forwards” to the origin server in the HTTP HOST request header. The web server on your origin server uses this value to determine what content to send. Typically, the expected host is the same name as the hostname received in the request, or it can be customized. The following are available:

  • Incoming Host Header (Default): When selected, the same name as the hostname received in the request is used. This is a generic option that varies with the hostname received in the request. For example, a request for www.mymedia.com sends www.mymedia.com the HOST header; while a request for test-www.mymedia.com sends test-www.mymedia.com as the value.
  • Origin Hostname: When selected, what you've set as the “Origin Server Hostname” is sent in the request to your Origin Server. Select this option if your Origin Server has been configured to listen for the Origin Server Hostname. For example, if a request for either www.mymedia.com or test-www.mymedia.com is sent, origin-www.mymedia.com is sent in the HOST header in the request to the Origin Server.
  • Custom Value: Select this option if the hostname is a different name than the one the Origin Server is expecting. For example, an end-user request for www.mymedia.com.akamaized.net can set www.mymedia.com as the value sent in the HOST header to your Origin Server.

Cache Key Hostname

The cache key is the information the product uses to identify the content in caches. Assuming your application includes at least some cacheable content—the Edge network uses keys based on the entire Origin Server URI path and query string, if there is one. The following selections are available:

  • Origin Hostname: All objects requested using this Origin Server Hostname and the same path and query string are treated as the same object, including the content served from any other configuration with the same Origin Server Hostname. For example, once cached, these objects would be treated as the same object:
    http://www.mymedia.com/logo.gif
    http://www.mymedia.co.uk/logo.gif
  • Incoming Host Header (Virtual Server Option). Objects requested with the same path and query string are given a unique cache key per hostname. Select this option if your origin server is a virtual server. For example, once cached, these objects are treated as different objects:
    http://www.mymedia.com/logo.gif
    http://www.mymedia.co.uk/logo.gif
    

Supports Gzip Compression

Compression is important in optimizing performance. You can disable this option only if your Origin Server does not support delivery of content using Gzip compression; or, if for some reason you want to have content served uncompressed. When this feature is enabled, the product sends an Accept-Encoding: gzip header in requests to the Origin Server to support Gzip compression.

Send True Client IP Header

When this slider is set to Yes, the IP address of the requesting client is passed to the origin. Normally the client IP is passed in the X-Forwarded-For header, which is routinely modified by proxies along the way. Once enabled, additional options are offered:

  • True Client IP Header Name: Input the name of the header that contains the True Client end-user IP address. This is typically the True-Client-IP header, which is input here by default.
  • Allow Clients to Set: Set this slider to "Yes" to have the Edge server that receives the request allow the True Client IP Header and pass that value through to the origin, or set it the "No" to remove it and set the value itself.

HTTP Port

This exists as a standalone option when your ACE configuration is setup to exclusively deliver non-securely via HTTP. This is the port on your origin server you want our Edge server to connect to for non-secure HTTP requests. The standard port is 80. To learn more about ports, mouse-over this option and click the “Learn more” link.

Origin SSL Certificate Verification

These options are revealed if the ACE configuration is set up for secure delivery (HTTPS). They allow you to control how your Origin Server is authenticated. They are intended to prevent 'man-in-the-middle' (MITM) attacks, in which a malicious entity directs end-user traffic to the attacker's server, instead of the expected Origin Server.

When an Edge server routes a request to your Origin Server, it establishes a secure connection through an SSL handshake; your Origin Server provides the Edge server with a certificate which is used to validate it as your Origin Server. If everything is validated, the request goes forward. If the certificate is not valid, the action you set in the ACE configuration for invalid certificates occurs.



Note: The settings you choose in Origin SSL Certificate Verification override the default settings for your ACE configuration.
  • Verification Settings: The Secure Network platform has default settings for Origin SSL Certificate Verification that can be overridden by a ACE configuration. The platform, by default, trusts certificates signed by the certificate authorities in the Akamai Certificate Store that also have a CN/SAN that matches the Forward Host Header.
    • Use Platform Settings: This allows Edge servers to choose these settings on your behalf, trusting certificates signed by any authority listed in the Akamai Certificate Store. These settings are subject to change at any time.
    • Choose Your Own (Recommended): Select this to maximize security by directly controlling which certificates Akamai Edge servers should trust. (Once selected, additional options are revealed to configure this.)
    • Use SNI TLS Extension: Set this slider top "Yes" to have the Edge server send the Server Name Indication (SNI) header in the SSL request to your origin. The SNI header is comprised of the same information contained in the header you have selected as the Forward Host Header value.
  • Ports:
    • HTTP Port/HTTPS Port: These are the ports on your origin server you want our Edge server to connect to for non-secure HTTP and secure HTTPS requests, respectively. The standard ports are 80 for HTTP and 443 for HTTPS. To learn more about ports, mouse-over either of these options and click the “Learn more” link.
Tip: To learn more about any of these options, mouse over their names in the UI.