• Share

8 Advanced Content Delivery Network Features

By Brian Jackson
Updated on July 7, 2020
8 Advanced Content Delivery Network Features

Many people enable their content delivery network service and leave it at that. While you might be taking advantage of all the primary CDN benefits, there are additional advanced features you can implement to take your content delivery to the next level. Some of these features can help you harden security on your CDN, lower costs by preventing bandwidth theft, and decrease the load on your origin server.

Advanced content delivery network features

Below are just a few advanced content delivery network features you may not yet be using.

1. X-Pull Key - Restricting CDN traffic

The X-Pull Key feature allows you to restrict traffic to your content delivery network. There are a couple reasons why you might want to do this:

  • You want to rate limit bandwidth on your origin server
  • You want to make sure everyone is using the CDN for better performance and not linking traffic to your server directly
  • Create a custom logic on your origin server
  • Restrict access to visible CDN URLs
  • Distinguish KeyCDN traffic from other traffic on your origin server

The X-Pull Key feature is available within the KeyCDN dashboard by going to the Zone settings. By default it is set to KeyCDN but you can change this value to up to a custom 15 alphanumeric value.

Another use case would be to restrict access to certain visible CDN URLs. For example, if you setup a custom CDN URL (e.g. cdn.example.com) the root will normally be accessible. You could restrict access to this and instead return a 403 or 405 error.

There is no specific User-Agent when KeyCDN fetches content from your origin server. Instead the X-Pull Key feature allows you to distinguish KeyCDN traffic from other traffic on your origin server by modifying the request header.

GET /foobar.jpg HTTP/1.1
Host: your_origin_host
X-Forwarded-Host: <zonename>-<hexid>.kxcdn.com
X-Forwarded-For: 178.82.72.134
X-Forwarded-Scheme: http
**X-Pull: KeyCDN**
Connection: close
Accept: */*
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36
Accept-Language: en-US,en;q=0.8,de;q=0.6,ja;q=0.4
Cookie: foobar

Read more on how to restrict traffic to your CDN.

Zone Referrer, also referred to as hotlink protection, is one of the easiest and quickest methods to implement which will prevent bandwidth theft. Hotlinking refers to someone directly linking to one of your images on their own server. What this means is that when someone visits their site it has to load the image from your CDN (edge server), taking up your bandwidth and actually costing you money.

By enabling hotlink protection requests without an HTTP referrer field are NOT allowed to access your assets. If they try, the asset will show up as on broken on their server, generating a 403 error in the header.

This is available within the KeyCDN dashboard by going to Zone Referrers. Check out our step by step tutorial on creating a Zone Referrer and enabling hotlink protection.

3. Secure Token - Limiting CDN accessibility by time

Secure Token allows you to generate secured links with an expiration time. Once a token has expired, it is not possible anymore to access the content. Unlike some other providers, KeyCDN provides Secure Token free with every account.

The Secure Token feature is available within the KeyCDN dashboard by going to the Zone settings. Example of how a Secure Token link would look like:

http://zonename-hexid.kxcdn.com/folder1/file1.jpg?token=85b9a81b78b24b4d18303c91b79e0124&expire=1384719072

Check out our step by step tutorial on how to generate Secure Tokens.

4. Origin Shield - Reduce load on origin server

Origin Shield is basically an extra caching layer which reduces the load on your origin server and accelerates the distribution of your content from the origin server to your edge servers. Origin Shield is a great feature to reduce the traffic on your origin server to an absolute minimum and protect your infrastructure from abuse or traffic spikes.

The Origin Shield feature is available within the KeyCDN dashboard by going to the Zone settings.

First request with Origin Shield

Here is an example of what happens on the first request to your origin server.

Following requests with Origin Shield

After the first request, the following requests for the same content are served out of cache without requesting additional data from your origin server.

Unlike some other providers, KeyCDN provides Origin Shield free with every account!

5. Cache-Control - Speed up access

Cache-Control is an HTTP cache header comprised of a set of directives that allow you define when / how a response should be cached and for how long. Browsers store these, which in turn means they don't have to make an additional request to the server, speeding up access. You can add or modify the Expires and Cache-Control response header fields that are sent to the client.

The Expires feature is available within the KeyCDN dashboard by going to the Zone settings.

  • -1 Cache-Control: no-cache
  • 0 Push Zone: disabled / Pull Zone: as received from the origin (header honoring)
  • >0 Cache-Control: max-age=_t_, where t is the time specified in the directive in minutes converted to seconds

This setting overwrites the value received from the origin in case of a Pull Zone. The Expire setting value only impacts browser cache and not the KeyCDN cache. Read more about Cache-Control.

6. HTTP Live Streaming - Speeding up video delivery

HTTP Live Streaming (HLS) is a technology, developed by Apple, for streaming live and on demand video. Live streaming has made some great advancements in the past few years as far as accessibility, usability, security, and configuration abilities. HTTP Live Streaming plays a big part in these advancements especially for mobile devices as it allows for these devices to access live media efficiently and seamlessly.

You can use KeyCDN to help supercharge your HLS live stream by creating a Pull Zone and enabling Optimize for HLS.

The Optimize for HLS feature is available within the KeyCDN dashboard by going to the Zone settings. Read our step by step tutorial on delivering HLS content with KeyCDN.

Summary

As you can see there are many additional ways you can take your content delivery network to the next level and really fine tune the delivery of your content to your visitors. From restricting CDN traffic, preventing bandwidth theft, using Secure Token, programmatically purging, tweaking cache control settings, digging into your log data, and speeding up the delivery of your video content with HLS.

  • Share

Supercharge your content delivery 🚀

Try KeyCDN with a free 14 day trial, no credit card required.

Get started

Comments

Comment policy: Comments are welcomed and encouraged. However, all comments are manually moderated and those deemed to be spam or solely promotional in nature will be deleted.
  • **bold**
  • `code`
  • ```block```
KeyCDN uses cookies to make its website easier to use. Learn more