CDN Caching for Secure Domains

This topic applies to

Applies to

SuiteCommerce | SuiteCommerce Advanced


You can take advantage of the benefits provided by Content Delivery Networks (CDNs) for your secure domains. This topic lists items of which you should be aware prior to using CDN.

CDN Cache Prerequisites

To enable CDN caches for secure domains, your account must meet following conditions:

  • Custom Secure Domain – You must provision at least one secure custom domain. Custom domains are sometimes called vanity domains. You cannot use a CDN cache for or domains.

  • SSL Certificate upload– You must use automatic certificates or upload your SSL certificate to your domain record. For more information, see Automatic and Manual Certificates.

CDN Caching for Private versus Public Content

Caching keeps one or more copies of information on the network for a period of time. Because CDN caching occurs on third-party servers, caching should be limited to content for which security is not of primary importance.

Content that does not pose a security risk is considered public, while content that must be kept secure is considered private. Content designated as private should never be cached.

NetSuite uses private folders, public folders, and file extensions to determine which content is cached on CDN servers. To protect your shoppers, it is critical that you do not maintain private information in public folders. Examples of content that should be kept private include shipping addresses, billing addresses and credit card information.

Use this table as a guide to how folders and extensions determine which information may be cached by a CDN.

Path (folder) or extension

Cached on CDN


Private folder names must be lowercase. If a private folder name is all uppercase (PRIVATE), it is treated as a public folder and the contents will be cached. Uppercase folder names do not meet standard caching rules.

Never cached.


May be cached depending on header settings. If caching length not set, default TTL is 24 hours. Maximum is 7 days.

*.jpg, *.png, *.js, *.gif, *.css, *.html, *.ico, *.woff, *.shtml, *.txt, *.pjpeg, *.ttf, *.woff2, *.json, *.jpeg, *.eot, *.pdf, *.xml, *.otf, *.cur, *.htm, *tpl, *.swf

May be cached depending on header settings. If caching length not set, default TTL is 24 hours. Maximum is 7 days.

All other file extensions

Never cached. Considered to be private.


Do not keep sensitive content in public folders because it may be cached on third–party servers.

CDN IP Address ranges

Instead of assigning a single IP address to your site, a CDN assigns a range of IP addresses. This range can and will change on a daily basis. NetSuite cannot predict or control which addresses the CDN will select. If you use your secure domain for secure document storage, be aware that you cannot whitelist an IP address managed by a CDN.


NetSuite cannot predict the IP addresses CDN providers will use.

For more information, see the help topic NetSuite IP Addresses.