Security

The latest technology ensures that your origin, your connection and your content are safer than ever. Stay protected with our proprietary DDoS solution, Secure Token, TLS 1.3 and much more.

SSL Labs overall rating A+

Check for yourself on SSL Labs or our own tool.

Secure connection

All HTTPS connections are powered by the latest web performance and security features, such as TLS 1.3 with 0-RTT or optimized HTTP/2.

Install your own SNI certificate or let us handle it for you with our InstantSSL by Let's encrypt.

Client panel security features

Secure tokens & Signed URL

Protect your content by using secure links with expiration time, and/or limit them to a specific IP address. We provide a unique token/password to generate signed URLs.

Origin protection

Origin Protection proxy servers reside between your origin and our caching servers, reducing the load on your servers as well as the cost of your egress traffic.

IP & geo-whitelisting / blacklisting

When it comes to allowing or blocking specific IPs or countries, a simple deny/allow rule has you covered.

Hotlink protection

Content theft will no longer be an issue. Lock your content exclusively to your domain. Hotlink protection only allows requests with the correct referer header.

DDoS protection

All of CDN77’s PoPs are equipped with custom-made filters, all with 100G+ network capacity. With 24/7 traffic monitoring, we detect and effectively block both Protocol and Volume based attacks in under 10 seconds.

UDP FloodNTP AmplificationDNS AmplificationICMP FloodSYN Flood
  • Robust network

    We cooperate with 15 transit providers all over the world and have hundreds of direct peers/PNIs. With an external capacity of ~150 Tbps we can ensure uninterrupted delivery of your content.

  • Proprietary solution

    CDN77 has developed a proprietary DDoS solution based on DPDK. Pairing real-time monitoring with machine learning, we can detect and stop incoming attacks in seconds.

  • Non-interrupted connection

    We keep your content safe and accessible to legitimate users, even during an attack, without trade-off; filtered traffic is guaranteed to reach your hosts.

SmartWAF - Web Application Firewall

SmartWAF is a convenient web application firewall, which can be enabled with a single click in your Client Panel. It is a strong, yet easy to use feature for any web application.

SmartWaf scheme

CDN77 is using the OWASP Core Rule Set (CRS) which is designed to deflect the most common vulnerabilities, including the OWASP Top 10, such as:

  • SQL Injection (SQLi)
  • Cross Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Remote File Inclusion (RFI)
  • PHP Code Injection
  • Java Code Injection
  • HTTPoxy
  • Shellshock
  • Unix/Windows Shell Injection
  • Session Fixation
  • Scripting/Scanner/Bot Detection
  • Metadata/Error Leakages

The modified version ensures a low number of false alerts for better recognition of real attacks.

If you are interested in setting up custom rules, exceptions or heuristic-based approach, let us know via or email.

Deliver your content with CDN77