Security

Free SSL Certificate Options

Make your site HTTPS ready with our InstantSSL provided by Let's Encrypt or install your own SNI certificate. Quickly, easily, for free.

All HTTPS connection are powered up by the latest web performance and security features such as TLS 1.3 with 0-RTT or optimized HTTP/2.
Check the SSL/TLS setup of your server or CDN.

We offer all the SSL/TLS options you need:

  • Instant unshared SSL for free

    We provide you with an SSL Certificate using Let’s Encrypt authority for every CDN URL or CNAME added to your CDN Resource (cdn.your-website.com). We take care of both certificate configuration and renewal.

  • Purchase SAN custom SSL

    Get an “A” graded SSL Certificate from a certified SAN provider. Your and your users' data will be 100% protected. With this level of security, your website is safe from threats such as Heartbleed and POODLE. Secure your CDN Resource for $69 per CNAME per year.

  • Use your own certificate for free

    Bring your existing SSL Certificate and install it on any CDN Resource for free. In the Control Panel you'll just need to copy & paste the SSL Certificate, intermediate certificates and private key. We support wildcard certificates as well.

DDoS protection

All of CDN77’s PoPs are equipped with custom-made filters, all with 100G+ network capacity. With 24/7 traffic monitoring, we detect and effectively block both Protocol and Volume based attacks in under 10 seconds.

Filtered attacks:
UDP Flood, NTP Amplification, DNS Amplification, ICMP Flood, SYN Flood

Robust network
We cooperate with 15 transit providers all over the world and have hundreds of direct peers/PNIs. With an external capacity of ~50 Tbps we can ensure an uninterrupted delivery of your content.

Proprietary solution
CDN77 has developed a proprietary DDoS solution based on DPDK. Pairing real-time monitoring with machine learning, we can detect and stop incoming attacks in seconds.

Non-interrupted connection
We keep your content safe and accessible to legitimate users, even during an attack, without trade-off; filtered traffic is guaranteed to reach your hosts.

Secure tokens & Signed URL

Secure tokens allow you to generate secured links with expiration time and/or lock them onto a specific IP address. We provide a unique token/password to generate signed URLs. You're in full control over who can view your content.

IP & geo whitelisting / blacklisting

When it comes to allowing or blocking specific users or countries, a simple deny/allow rule has you covered.

Origin protection

Our proxy servers are designed to protect your origin server, further ease the load on your server or even hide it from direct incoming traffic. Proxy servers sit between your origin and our caching servers.

  • Strongly secured: sdfs42I0wsep820fgskl25I0117w.com
  • Weakly secured: content.myvideos123.com

SmartWAF - Web Application Firewall

SmartWAF is a convenient web application firewall, which can be enabled with a single click in your Client Panel. It is a strong, yet easy to use feature for any web application.

SmartWaf scheme

CDN77 is using the OWASP Core Rule Set (CRS) which is designed to deflect the most common vulnerabilities, including the OWASP Top 10, such as:

  • SQL Injection (SQLi)
  • Cross Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Remote File Inclusion (RFI)
  • PHP Code Injection
  • Java Code Injection
  • HTTPoxy
  • Shellshock
  • Unix/Windows Shell Injection
  • Session Fixation
  • Scripting/Scanner/Bot Detection
  • Metadata/Error Leakages

The modified version ensures a low number of false alerts for better recognition of real attacks.

If you are interested in setting up custom rules, exceptions or heuristic-based approach, let us know via or email.

Deliver your content with CDN77