Use of a Content Delivery Network (CDN)

Protection Requirement:

SPECIAL

If you use or plan to use a CDN

Skills/Resources:

Setup can be a little complex
CDN Service

THE THREAT
Some content Delivery Networks (CDN) can block legitimate traffic

THE OBJECTIVE
Avoid a CDN that implements aggressive filtering

PROPOSED SOLUTION
The use of a CDN is primarily to improve the performance of your website, secondary to this many CDNs offer security features.

All security features offered by CDNs can be implemented locally so the decision to use a CDN should be based entirely on performance considerations and not security.

The Cloudflare CDN in particular, offers a free service that includes automatic filtering of traffic using spam block lists. This results in many legitimate users being presented with a CAPTCHA challenge.

Avoid CDNs like Cloudflare that use aggressive block lists. There are many other CDNs that will provide the improved performance without filtering your traffic.

My own experience with cloudflare

I have been presented with cloudflare challenges numerous times yet I never engage in any type of SPAM or hacking activities. I would seldom send more than 20 emails a day and never use any automated tools that would trigger the SPAM blocking. They do provide a way to request your IP be removed from their aggressive blocking list, but they do not make this easy. You need to search for the page to request removal, and then wait for them to respond and on more than a few occasions I have not received a response, and on others my request has been denied. I have given up. When I am presented with a captcha challenge now I am more inclined to just close the tab than enter their captchas.

MORE ADVANCED
none

NEED HELP?
If you need help implementing this and other security measures then Virtual Webmaster Services can help. Visit Virtual Webmaster Services