diff --git a/roles/httpd/reverseproxy/templates/reversepassproxy.registry-generic.conf b/roles/httpd/reverseproxy/templates/reversepassproxy.registry-generic.conf
index d6aca6ea46..74aa2066ef 100644
--- a/roles/httpd/reverseproxy/templates/reversepassproxy.registry-generic.conf
+++ b/roles/httpd/reverseproxy/templates/reversepassproxy.registry-generic.conf
@@ -5,11 +5,21 @@ ProxyPreserveHost On
 
 
 {% if env == "production" %}
-RewriteCond %{HTTP:VIA} !cdn77
+#
+# These conditions are ANDed together and negated, and are the list of things we 
+# do NOT want to use the cdn. ie, the things not going to the cdn will not match 
+# here and fall through to the regular registry. Everything else will go to the cdn
+#
+# We don't want the cdn itself to go to the cdn, it needs to get content from origin
 RewriteCond %{HTTP:VIA} !cloudfront
-RewriteCond %{SERVER_NAME} !^registry-no-cdn\.fedoraproject.org$
+# We have a 'registry-no-cdn' host that we don't want to use the cdn
+RewriteCond %{SERVER_NAME} !^registry-no-cdn\.fedoraproject\.org$
+# We don't want some methods to go to the cdn so we can update it
 RewriteCond %{REQUEST_METHOD} !^(PATCH|POST|PUT|DELETE|HEAD)$
+# osbs hosts shouldn't use the cdn
 RewriteCond %{REMOTE_HOST} !^osbs-*$
+# builders shouldn't use the cdn for flatpak building.
+RewriteCond %{REMOTE_HOST} !^build*\.iad2\.fedoraproject\.org$
 RewriteRule ^/v2/(.*)/blobs/([a-zA-Z0-9:]*) https://cdn.registry.fedoraproject.org/v2/$1/blobs/$2 [R]
 {% endif %}