Rock Solid CDN Security Protocols

Otherwise known as HSTS, this is something that can be enabled using our EdgeRules product. What it does is force HTTPS connections by the browser even if the user tries to use HTTP. This increases the security of a website as it ensure that no hacker or virus could trick the user into using HTTP and then in turn read the un-encrypted traffic on a public network.

Restrict account access to a whitelist of IP addresses by user account. This means you can limit logins to office IP Addresses only. Add as many IPs as you like and easily disable them with a single click.

Emails are sent to Account Owners to keep you informed whenever your origin is modified. Emails are also sent to account owners every time a new IP is seen logging in for the first time.

Get the details on who is accessing your control panel including:

• Timestamp
• User
• Activity details
• User agent
• Activity location (city, country)

Define strict access to individual files and prevent any unauthorized access to your CDN assets. Every secure link is generated by two parameters you have full control over from the control panel — the password and the time the asset is available.

• cURL with secure link:

  $ curl -I zone.alias.netdna-cdn.com/foo.pdf?st=YNcnQ1H0tpgCzaLQ&e=1355776589
  HTTP/1.1 200 OK
  Server: NetDNA-cache/2.2

• cURL with expired link:

  $ curl -I zone.alias.netdna-cdn.com/foo.pdf?st=YNcnQ1H0tpgCzaLQ&e=1355776589
  HTTP/1.1 410 Gone
  Server: NetDNA-cache/2.2

• Execute the secure token outside of our Control Panel with PHP, Python, Ruby, Java, node.js. or .NET. Here is a PHP sample:

  
  $secret = 'jsdkhf8fh3fewk';
  $path = '/foo.pdf';
  $expire = time() + 3600; // one hour valid
  $md5 = base64_encode(md5($secret . $path . $expire, true)); // Using binary hashing.
  $md5 = strtr($md5, '+/', '-_'); // + and / are considered special characters in URLs, see the wikipedia page linked in references.
  $md5 = str_replace('=', '', $md5); // When used in query parameters the base64 padding character is considered special.
  $url = "http://zone.alias.netdna-cdn.com{$path}?st={$md5}&e={$expire}"; // use this as DL url
  echo $url;
  echo "\n\n";
  ?>

If MaxCDN detects that someone else is trying to access your account using stolen cookies or any other CSRF (Cross Site Request Forgery) exploit we will block the action and you will be immediately notified via an email.