Mark Jaquith's presentation on Confident Commits, Delightful Deploys brought up something which I didn't thought of, "CDN proxies everything including dynamic php pages".
In his example, he pointed out cdn.wpengine.com and wpengine.com, cdn.page.ly and page.ly, cdn.zippykid.com and zippykid.com are all serving the same content with their CDN counterpart.
So out of curiosity, I tested mine, cdn.lesterchan.net and lesterchan.net, and I have the same problem! I did not link it because I have already fixed the problem before writing this blog post.
A common link between us are our CDNs are hosted by NetDNA. So I wrote to them asking is there anywhere I can solve this. They recommended me their EdgeRules add-on which provides a powerful method of controlling how edge servers interact with content and websites visitors.
I gave it a try and it works! What I did was to only allow URI with file extensions to be served by the CDN as shown in the screenshot below:
Match Type: Default
Directive: REWRITE RULE ^(.*)$ http://lesterchan.net$1 permanent
Conditional: $uri != RegEx (Case In-Sensitive) \.(png|jpe?g|gif|ico|html|txt|css|js)$
Rule Status: Active
Purge All Files: Yes
EdgeRules Main Page
It is a bit "hack-ish" but I guess it will do for now.
A proper way which Mark Jaquith mentioned was to CNAME the CDN to something like static.yourdomain.com and have that subdomain serve only static files.