Features and Benefits

Features

  • CDN Distributions: Configure the instructions and resources that define how content is delivered from the origin server to the users through the CDN.

  • SSL/TLS Encryption: With SSL/TLS support in CDN, data transmitted between the CDN edge servers and users is encrypted, ensuring secure data transmission and reliability of content delivery through CDN networks. CDN also offers the flexibility to upload custom SSL certificates that suit your organization's requirements. It also supports the auto-renew of SSL certificates based on a certificate provider like ACME via API.

  • WAF: CDN offers a critical security feature, WAF, that provides an additional layer of security for web applications.

  • DDoS Layer 7 Protection: You can enable DDoS protection at layer 7 of the Open Systems Interconnection (OSI) model, which protects web applications against distributed denial-of-service attacks.

  • Caching: CDN caches static content such as images, CSS files, and scripts at edge servers, reducing the load on the origin server and speeding up content delivery to users. With these rules, you can control how content is delivered, cached, and optimized for users.

  • Routing Rules: With CDN, configure how incoming user requests are handled and routed within the CDN infrastructure. At least one routing rule for an origin server must exist, and a maximum of twenty-five routing rules are possible. The rules are applied in the defined sequence, meaning the first routing rule will have the highest precedence.

Warning: It is not recommended to set / as the first rule, as all the subsequent rules present will be overridden by this rule.

  • Geo-Based Routing: With this routing mechanism, CDN allows users to route traffic based on the geographic location of users. This ensures that users are served content from the nearest edge server, reducing latency and improving overall performance.

  • Geo-Restrictions: With this feature, you can configure to block or allow countries to access the CDN distribution. Users can specify the geolocation parameters to block access from specific countries or regions. This can help prevent malicious traffic from specific locations and limit content delivery to only allowed geographical areas. You can also choose to allow countries or regions and restrict access to only the allowed countries list.

  • Rate Limiting: You can choose to limit the rate of incoming requests from specific IP addresses to the CDN. For more information, see Rate Limit Class.

Rate Limit Class

Rate limiting controls the number of incoming ingress requests to the CDN from clients behind the same IP address within a specific timeframe. Rate limits can be configured for each routing rule, including the scheme, hostname, and path prefix. Rate limits apply to both cached and uncached content. IONOS CDN rate limits do not restrict outgoing egress connections from the CDN to the origin server.

By default, a limit of 100 requests per second is applied per routing rule, when the rate limit value is set to R100.

Following are the rate limit classes that can be configured:

Note: All the rate limit requests are applied per second per CDN node which serves the CDN IP grouped by the scheme, hostname, and URI path.

  • R1: Allows up to 1 request per second, per client IP and routing rule.

  • R5: Allows up to 5 requests per second, per client IP and routing rule.

  • R25: Allows up to 25 requests per second, per client IP and routing rule.

  • R50: Allows up to 50 requests per second, per client IP and routing rule.

  • R100: Allows up to 100 requests per second, per client IP and routing rule.

  • R250: Allows up to 250 requests per second, per client IP and routing rule.

  • R500: Allows up to 500 requests per second, per client IP and routing rule.

Consider the following factors when choosing a rate limit class:

  • The rate limit applies to both cached and uncached content.

  • A CDN provides implicit flood protection for your origin server by serving cached content. However, uncached or uncacheable content must still be retrieved from your origin server, and these requests are not explicitly rate-limited. For example, a DDoS attack originating at 2000 IPs requesting uncacheable content could generate requests up to 2000 times the configured request rate.

  • You may prefer a lower rate limit to reduce the likelihood of unreasonable requests to the web content. Conversely, if you aim to serve all requests to the CDN as quickly as possible, you could opt for a higher rate limit.

  • If your clients are using shared IP addresses such as Managed NAT Gateway or proxy servers, it could lead to exhausting a lower rate limit sooner.

  • A lower rate limit can negatively impact overall website performance if your CDN-served website content contains many smaller objects.

  • Rate limits are configured and applied on a per-routing-rule basis. You can take advantage of this by using different routing rules for various types of content. Use one routing rule with a higher rate limit to ensure faster content delivery for static, easily cacheable content, and apply another routing rule with a significantly lower rate limit for potentially uncacheable, dynamic content.

Benefits

  • Faster Website Loading: CDN delivers content from servers nearest to the user, thus reducing latency and improving page load times. This results in a better user experience and positively impact Search Engine Optimization (SEO) rankings.

  • Scalability: CDNs are designed to handle high traffic loads and can easily scale based on demand. This ensures that websites and applications remain responsive even during traffic spikes.

  • Enhanced Security: With DDoS Layer 7 protection, WAF, and SSL/TLS encryption, CDN helps safeguard websites and applications against online threats.

  • Improved Performance: By caching content at edge servers worldwide, CDNs can deliver content more efficiently, reducing server load and improving overall performance.

  • Global Delivery Scale: With CDN, geographical proximity between the user and the network server is always close, enabling requests for content delivery to the website to be loaded with less latency. This feature also boosts the website's Search Engine Optimization (SEO) since search engines prioritize websites that load at a quicker response time.

  • High Reliability: CDNs utilize redundancy and failover mechanisms to ensure high availability and reliability. If one server goes down, traffic can be automatically rerouted to another server, minimizing downtime.

  • Threat Mitigation: By blocking traffic from specific regions or countries, you can mitigate threats and malicious attacks from specific geographical locations.

Last updated