Ghost membership tiers with CDN?

(Ghost V4, everything else latest)

I’m wondering if anyone here has successfully put a CDN in front of a self-hosted Ghost instance that utilizes membership paywalls? Caching post content at the edge is great until you need to render that content based on a user’s subscription status.

For example, if I create a post that should be viewed only by a premium member, the paywall will get cached at the edge and premium members will never actually be able to view the post.

I’m wondering if there are more advanced CDN configurations that can do some sort of edge computing to circumvent this? I know that Ghost Pro claims they have a CDN but I’m thinking it’s just for images since caching post content seems pretty complex in this scenario.

Typically you configure the CDN to bypass caching when any (or possibly specific) cookies are present in the request. That way the non-logged-in state is cached and served from the CDN but the logged-in version is served directly.

So effectively you’re delivering cached content to non-logged in users and uncached content for logged in users? I guess that is better than nothing.

Ok, allowing ghost-members-ssr and ghost-members-ssr.sig cookies seems to do the trick. I think whitelisting all cookies would be too big a hammer.