Access your zones, caching, firewall policies, and analytics.
Security Recommendations for CDN Users
We strongly recommend implementing the following security measures to protect your assets and origin infrastructure:
Enable Two-Factor Authentication (2FA): All administrative accounts should have 2FA activated using TOTP or hardware security keys to prevent unauthorized access.
Secure Your API Keys: Never expose API tokens in client-side code. Rotate credentials regularly and use environment variables for storage.
Configure Origin Shield: Restrict direct access to your origin server by whitelisting only CDN edge IP ranges in your firewall rules.
Enable HTTPS Enforcement: Force TLS 1.3 for all connections and enable HSTS headers to prevent downgrade attacks on resources served through the CDN.
Set Cache-Control Headers: Define appropriate TTL values for static and dynamic content to balance performance with content freshness and security.
Monitor Access Logs: Regularly review edge logs for suspicious patterns, including unusual geographic requests or spike in 4xx/5xx responses.
Following these best practices ensures optimal protection for websites and applications delivering resources through our global edge network.