Use of a Content Delivery Network (CDN)

Protection Requirement:


If you use or plan to use a CDN


Setup can be a little complex
CDN Service

Some content Delivery Networks (CDN) can block legitimate traffic

Avoid a CDN that implements aggressive filtering

The use of a CDN is primarily to improve the performance of your website, secondary to this many CDNs offer security features.

All security features offered by CDNs can be implemented locally so the decision to use a CDN should be based entirely on performance considerations and not security.

The Cloudflare CDN in particular, offers a free service that includes automatic filtering of traffic using spam block lists. This results in many legitimate users being presented with a CAPTCHA challenge.

Avoid CDNs like Cloudflare that use aggressive block lists. There are many other CDNs that will provide the improved performance without filtering your traffic.

My own experience with cloudflare

I have been presented with cloudflare challenges numerous times yet I never engage in any type of SPAM or hacking activities. I would seldom send more than 20 emails a day and never use any automated tools that would trigger the SPAM blocking. They do provide a way to request your IP be removed from their aggressive blocking list, but they do not make this easy. You need to search for the page to request removal, and then wait for them to respond and on more than a few occasions I have not received a response, and on others my request has been denied. I have given up. When I am presented with a captcha challenge now I am more inclined to just close the tab than enter their captchas.


If you need help implementing this and other security measures then Virtual Webmaster Services can help. Visit Virtual Webmaster Services