Security
Free SSL Certificate Options
Make your site HTTPS ready with our InstantSSL provided by Let's Encrypt or install your own SNI certificate. Quickly, easily, for free.
All HTTPS connection are powered up by the latest web performance and security features such as TLS 1.3 with 0-RTT or optimized HTTP/2.
Check the SSL/TLS setup of your server or CDN.
We offer all the SSL/TLS options you need:
- Instant unshared SSL for free
We provide you with an SSL Certificate using Let’s Encrypt authority for every CDN URL or CNAME added to your CDN Resource (cdn.your-website.com). We take care of both certificate configuration and renewal.
- Purchase SAN custom SSL
Get an “A” graded SSL Certificate from a certified SAN provider. Your and your users' data will be 100% protected. With this level of security, your website is safe from threats such as Heartbleed and POODLE. Secure your CDN Resource for $69 per CNAME per year.
- Use your own certificate for free
Bring your existing SSL Certificate and install it on any CDN Resource for free. In the Control Panel you'll just need to copy & paste the SSL Certificate, intermediate certificates and private key. We support wildcard certificates as well.
DDoS protection
All of CDN77’s PoPs are equipped with custom-made filters, all with 100G+ network capacity. With 24/7 traffic monitoring, we detect and effectively block both Protocol and Volume based attacks in under 10 seconds.
Filtered attacks:
UDP Flood, NTP Amplification, DNS Amplification, ICMP Flood, SYN Flood
Robust network
We cooperate with 15 transit providers all over the world and have hundreds of direct peers/PNIs. With an external capacity of ~50 Tbps we can ensure an uninterrupted delivery of your content.
Proprietary solution
CDN77 has developed a proprietary DDoS solution based on DPDK. Pairing real-time monitoring with machine learning, we can detect and stop incoming attacks in seconds.
Non-interrupted connection
We keep your content safe and accessible to legitimate users, even during an attack, without trade-off; filtered traffic is guaranteed to reach your hosts.
Secure tokens & Signed URL
Secure tokens allow you to generate secured links with expiration time and/or lock them onto a specific IP address. We provide a unique token/password to generate signed URLs. You're in full control over who can view your content.
IP & geo whitelisting / blacklisting
When it comes to allowing or blocking specific users or countries, a simple deny/allow rule has you covered.
Hotlink protection
Common content thefts will no longer be an issue. Lock your content for your domain only. Hotlink protection only allows requests with the correct referer header.
Origin protection
Our proxy servers are designed to protect your origin server, further ease the load on your server or even hide it from direct incoming traffic. Proxy servers sit between your origin and our caching servers.
- Strongly secured: sdfs42I0wsep820fgskl25I0117w.com
- Weakly secured: content.myvideos123.com
SmartWAF - Web Application Firewall
SmartWAF is a convenient web application firewall, which can be enabled with a single click in your Client Panel. It is a strong, yet easy to use feature for any web application.
CDN77 is using the OWASP Core Rule Set (CRS) which is designed to deflect the most common vulnerabilities, including the OWASP Top 10, such as:
- SQL Injection (SQLi)
- Cross Site Scripting (XSS)
- Local File Inclusion (LFI)
- Remote File Inclusion (RFI)
- PHP Code Injection
- Java Code Injection
- HTTPoxy
- Shellshock
- Unix/Windows Shell Injection
- Session Fixation
- Scripting/Scanner/Bot Detection
- Metadata/Error Leakages
The modified version ensures a low number of false alerts for better recognition of real attacks.
If you are interested in setting up custom rules, exceptions or heuristic-based approach, let us know via or email.