Check for yourself on SSL Labs or our own tool.
All HTTPS connections are powered by the latest web performance and security features, such as TLS 1.3 with 0-RTT or optimized HTTP/2.
Install your own SNI certificate or let us handle it for you with our InstantSSL by Let's encrypt.
Client panel security features
Protect your content by using secure links with expiration time, and/or limit them to a specific IP address. We provide a unique token/password to generate signed URLs.
Origin Protection proxy servers reside between your origin and our caching servers, reducing the load on your servers as well as the cost of your egress traffic.
When it comes to allowing or blocking specific IPs or countries, a simple deny/allow rule has you covered.
Content theft will no longer be an issue. Lock your content exclusively to your domain. Hotlink protection only allows requests with the correct referer header.
All of CDN77’s PoPs are equipped with custom-made filters, all with 100G+ network capacity. With 24/7 traffic monitoring, we detect and effectively block both Protocol and Volume based attacks in under 10 seconds.
- Robust network
We cooperate with 15 transit providers all over the world and have hundreds of direct peers/PNIs. With an external capacity of ~120 Tbps we can ensure uninterrupted delivery of your content.
- Proprietary solution
CDN77 has developed a proprietary DDoS solution based on DPDK. Pairing real-time monitoring with machine learning, we can detect and stop incoming attacks in seconds.
- Non-interrupted connection
We keep your content safe and accessible to legitimate users, even during an attack, without trade-off; filtered traffic is guaranteed to reach your hosts.
SmartWAF - Web Application Firewall
SmartWAF is a convenient web application firewall, which can be enabled with a single click in your Client Panel. It is a strong, yet easy to use feature for any web application.
CDN77 is using the OWASP Core Rule Set (CRS) which is designed to deflect the most common vulnerabilities, including the OWASP Top 10, such as:
- SQL Injection (SQLi)
- Cross Site Scripting (XSS)
- Local File Inclusion (LFI)
- Remote File Inclusion (RFI)
- PHP Code Injection
- Java Code Injection
- Unix/Windows Shell Injection
- Session Fixation
- Scripting/Scanner/Bot Detection
- Metadata/Error Leakages
The modified version ensures a low number of false alerts for better recognition of real attacks.
If you are interested in setting up custom rules, exceptions or heuristic-based approach, let us know via or email.