A CDN or Content Delivery Network is a global network of servers that serves web content to end-users more quickly by storing copies of files such as images in locations that are geographically closer to the users requesting that content. By using a CDN, websites reduce the load on their origin servers, which can enable them to serve more users without fear of overloading their servers. CDNs improve user experience by contributing to faster website load times, and also improve the security of websites by enabling them to mitigate the impacts of distributed denial of service (DDoS) attacks, and by giving them the ability to install additional security proxies through the content delivery network.
Some of the benefits of using a Content Delivery Network include:
There are a few different types of CDN in operation today, including CDNs operated by telecommunication companies and private CDNs, which are purpose-built for one company. Netflix and Facebook are examples of companies that have built their own Content Delivery Networks due to their large global presence and the huge amount of content they deliver each day. However, most businesses and individuals today looking for a CDN will use a commercial Content Delivery Network, such as Akamai, Cloudflare, or Fastly. While each CDN provider has some unique features, all CDNs work using the same basic principles.
At the heart of Content Delivery Networks, also sometimes referred to as edge networks, is a set of Points of Presence or PoPs, which are groups of servers in multiple locations around the world. The servers hosted in each PoP are known as edge servers, as they are unique to the origin server which hosts the full version of a website or software, and are located at the “edge” of a network closest to the end-user. CDNs vary in the number of PoPs they include, with some networks having thousands of PoPs in all continents, and others focusing their PoPs in key areas they serve.
Edge servers serve multiple purposes, including hosting cached files to improve performance and protecting the origin server by directing traffic to the CDN instead of directly to the origin. CDNs can host a variety of software tools that help with performance and security as edge servers act as reverse proxies, which intercept web traffic and handle it through a set of rules based on the software installed on your edge server. While CDNs are most known for caching content, they can also host threat detection software, image resizing tools, and much more. Below we outline two of the most common use cases for CDNs–caching content and protecting websites from attack.
Each edge server hosts cached copies of web content, most often static files such as images or text files. When a user visits a website or accesses a piece of software, the Content Delivery Network will automatically route them to the closest PoP and deliver cached content from that PoP, rather than directing them to the origin server which may be further away. This step increases website speed and reduces the number of requests that go to the origin server, allowing the origin server to focus on serving more dynamic content which may be difficult to cache.
This type of caching is called server-side caching, and can also be set up without the use of a Content Delivery Network through programs such as Varnish Cache which sit in front of the origin server. However, by using server-side caching in conjunction with a CDN, websites can deliver even more optimal performance. The other commonly known caching method is client-side or browser-caching, in which copies of files are stored in a user’s local browser. Browser-caching means that if a visitor repeatedly visits a webpage, certain objects on that page, such as logo files, will be stored in their browser cache and so are delivered even more quickly. Most websites use a combination of browser-caching and server-side caching, usually through a CDN, to realize the fastest website speeds possible.
To ensure the cached files served from a CDN are up-to-date, websites enter information that tells the caching mechanism when the files expire. If a CDN discovers that a file has expired, it will re-fetch that file from the origin the first time it is requested. This is known as a “cache pull,” and is beneficial as this method means the CDN only requests files when they are needed. Another caching technique is known as “cache push,” when a website proactively tells the cache to update its files. This method can be used for larger files, or when a website updates most of its content and wants to ensure the cache has the updated content.
In addition to improving the performance of a website, Content Delivery Networks also improve the security of websites by detecting threats, blocking malicious traffic, and protecting the origin server from attacks. By utilizing a CDN rather than sending traffic directly to an origin server, the origin server is protected from Distributed Denial of Service attacks, in which attackers attempt to take down websites by sending a huge amount of traffic to a website at once. CDNs both distribute the traffic among multiple PoPs, enabling it to withstand the additional traffic, and can include tools that go a step further in protecting from DDoS and other security threats.
Other security tools which are offered with many CDNs include firewalls and advanced threat detection software which will stop harmful traffic from getting through to the origin server. Firewalls monitor traffic and block certain traffic from entering a website based on a set of rules, such as IP address, and more advanced firewalls may examine the contents of a data packet or create smart rules to identify threats. CDNs may also include tools that mitigate the impact of harmful bots, secure APIs, and manage the TLS/SSL certificates of websites, ensuring that traffic is encrypted. All of these security tools can ensure websites stay online, threats are quickly dealt with, and there is no threat to brand reputation based on security leaks.
There are many CDN solutions available, and every business or individual using a CDN may have different needs and priorities. When considering what Content Delivery Network to utilize, consider these factors:
Content Delivery Networks are valuable tools to be used alongside your cloud computing provider. CDNs can improve the performance and security of websites and applications, reduce hosting costs, and ensure your end users have a good experience. Many DigitalOcean customers use a CDN along with their DigitalOcean Droplets for an optimal website setup. DigitalOcean also includes a CDN with DigitalOcean Spaces, our object storage solution, and App Platform, our Platform as a Service solution. Sign up for a DigitalOcean account today to get started.