HTTP (HyperText Transfer Protocol) is an application-level network protocol that determines how content is transferred over the network. HTTP/2 is its latest version as of the moment of this publication.
How HTTP/2 was created
The specification of the first protocol version, HTTP/0.9, was published back in 1991. In 1996, HTTP/1.0 appeared, and HTTP/2’s predecessor, HTTP/1.1, was released in 1999. Then followed a long period without any updates.
An alternative to HTTP/1.1, the SPDY protocol, was developed in 2009. At that time, the developers already realized that the existing version was not providing for enough data transfer speed. The engineers strived to modify how the queries were sent and received, thus speeding up the work of the Internet. It was this protocol that HTTP/2 was based on.
SPDY really did speed up web apps. It was gaining popularity and provided serious competition to HTTP. Eventually the developers decided that there should not be two competitive protocols and ended up unifying the two standards. The HyperText Transfer Protocol work group from the Internet Engineering Task Force took up the new protocol creation, and in 2015, HTTP/2 was revealed.
The main goal of the new version was speeding up data transfer. At the same time, the developers wanted to eliminate the “bottlenecks” of HTTP/1.1, making it safer and more efficient.
HTTP/1.1 problems and limitations
As we already said, this protocol version was released in 1999, and HTTP/2 wasn’t created until 16 years later. A lot has changed on the Internet since. Many new website elements appeared: jаvascript, animations, CSS styles, and so on.
To make sure web resources loaded fast enough, queries for different elements had to be processed simultaneously. The protocol had to establish several TCP connections at once to transfer different kinds of data.
TCP connection for data transfer over HTTP/1.1
That created a colossal load on the network.
At the same time, the number of established connections was limited—and often not high enough. To bypass the limitations, web developers had to use a multitude of tricks, such as domain sharding (using subdomains to load resources), combining the pictures into a single file, and so on, which created further issues.
Besides, as HTTP/1.1 had existed for many years, at some point is stopped being safe. Intruders found loopholes in it, which allowed them to steal users’ data.
HTTP/2 solved all these problems and helped significantly speed up data transfer on the web.
HTTP/2 capabilities. How it speeds up websites and improves data transfer
To eliminate all the problems of HTTP/1.1, the developers introduced a number of important changes to the new version. We won’t examine each difference: let’s only talk about those that have a direct effect on the speed.
Binary protocol
The previous versions of HTTP transferred data as text. It was convenient for the users, but from the technical point of view, text messages take longer to process than binary ones.
HTTP/1.1 and HTTP/2 data transfer comparison
In HTTP/2, messages consist of frames, or binary data parts. Their sum total is called a stream. Every frame contains a unique stream ID: the information about what stream it is a part of.
Frames and streams in HTTP/2
There are several kinds of frames. For example, for the transfer of metadata (message size, data type, sender/receiver address, etc.), the HEADERS frame is used, while for the main message, it is the DATA frame.
Then there’s the RST_STREAM frame, which is used to terminate a stream: the client sends it to the server to announce that the stream is not needed anymore. It stops data transfer while keeping the connection open. To put that into context, in HTTP/1.1, the only way to stop data transfer was to terminate the connection, which then had to be reestablished.
These principles of binary protocol operation improve the connection quality:
- The likelihood of errors goes down.
- Overhead costs of data parsing go down.
- The network load goes down, resources are used more efficiently.
- Binary commands are more compact than text commands, which lowers the time it takes to process and execute them.
- Therefore, there’s also less data transfer delays.
- Simpler processing of messages means higher fault tolerance.
- The risk of hacker attacks goes down, especially of ones like HTTP Response Splitting. In the previous versions, text data in the headers provided an opening for these attacks.
Besides, the binary nature of HTTP/2 opened a whole range of possibilities to speed up data transfer, which we’ll discuss below.
Multiplexing
This is one of the main differentiators of HTTP/2 from the previous versions, and the main feature that allowed the developers to speed up data transfer.
In HTTP/1.1, several parallel TCP connections were created for a quick transfer of different types of data. In the new version, all data can be transferred with a single connection.
TCP connection for data transfer over HTTP/2
The binary nature of the protocol makes it possible to load different kinds of information in parallel, without delays and without blocking any of the replies or queries.
Connection only has to be established once, and that really reduces the content delivery time. The reason is, a “three-way handshake” is required to establish each TCP connection:
- The sender sends a request to establish the connection: a SYN message with the index number of the byte sent.
- In response, the sender sends a SYN message, acknowledges the acceptance of the data with an ACK message, and sends the number of the byte which is to be received next.
- The sender also confirms the data acquisition and sends the number of the next expected byte.
Only after these three steps have been carried out, the connection is considered to have been established.
TCP connection establishment
All of these steps take time. When the connection only needs to be established once, the computers do not waste time on extra “handshakes,” which increases the speed accordingly.
Besides, in HTTP/2, there is no need for domain sharding.
To avoid the limitation on the number of TCP connections in HTTP/1.1, developers posted some of the content onto the subdomains. The data from the subdomains was loaded in parallel, which helped increase the speed.
There’s no need to do that anymore: different data can be transmitted within a single connection, and there is no limitation.
Header compression
To make sure the server completes the request as precisely as possible, its header should contain a lot of specifying metadata—and HTTP is a stateless protocol. That means the server cannot store the information from the previous requests, and the client ends up having to send a lot of identical data in headers.
These headers contain about 500 to 800 bytes of ancillary data—and if cookie files are used, it can be 1 KB+.
That makes the messages larger in general. And the larger the size of a message, the longer it is transferred, and the higher the delay will be.
In HTTP/2, the issue was fixed by header compression under the HPACK format. It encodes and compresses the headers using the Huffman algorithm. At the same time, the client and the server keep up a shared and constantly updated table of headers, which makes it possible to restore repeated headers from the table instead of sending them over and over.
HPACK header compression
Less data is being transferred, which means queries and replies are sent faster.
Server Push feature
This feature allows the server to transfer data even before the client’s request. For example, the browser downloads a page and sends an HTML request. But to render the page, CSS data will be needed besides the HTML data. So, the server doesn’t wait for a second request for CSS and sends the CSS data immediately along with the requested data.
How the Server Push works
The data that the server “guessed” is sent within the PUSH_PROMISE frame: it allows the client to understand they didn’t request this information, and to determine whether they need it. If the information proves unnecessary (for example, because it is already cached), the browser can send as a response the RST_STREAM frame (we discussed it above) and stop the redundant data transfer.
This helps avoid data duplication.
Therefore, the feature lowers the number of requests to the server, lowers the load on it, and speeds up the operation of web apps.
Prioritizing content delivery
By default, HTTP/2 data are sent asynchronously and in an arbitrary sequence. However, the sequence can be tuned. You can define what data the server should return first and what can be sent later.
The protocol makes it possible to determine the weight of each stream: its importance in the transfer priority plan. HTTP/2 also allows one to set up the interdependence of streams on one another.
The weight is determined as an integer from 1 to 256: the larger the number, the higher the priority of the stream.
The dependence of one stream on another is specified with a dedicated identifier, referring to another, “parent” stream.
For example, if stream X depends on stream Y, it means stream Y is the parent stream, and it must be fully processed first, before the processing of stream X begins.
If streams do not depend on one another but have different weights, different numbers of resources are allocated for each stream, proportional to their weight.
Suppose streams X and Y do not depend on one another, but the weight of X is 10, while the weight of Y is 15. Let’s calculate the share of resources to be allocated to each of them:
- X + Y = 10 + 15 = 25
- Resources allocated to X = 10 / 25 = 40%
- Resources allocated to Y = 15 / 25 = 60%
So, 40% of resources will be allocated for the processing of stream X, and 60%, for the processing of stream Y.
Let’s look at a more detailed example of how this works.
Content prioritization scheme in HTTP/2
What this flow chart means is:
- Stream D is to be priority-processed.
- Streams E and C are to be processed after D, 50% resources to be allocated for each of them.
- Streams A and B are to be processed after C, with A getting 75% of the resources, and B, 25%.
What opportunities prioritization provides:
- You’ll be able to define what content to load first.
- You can prioritize the website elements that are most important to the users.
- The users will get all the elements needed to interact with the website even before it loads completely.
- This will create the impression of a quicker load and improve the customer experience.
How HTTP/2 speeds websites up in practice
A lot of time has passed since the release of HTTP/2, and it has been tested and compared to HTTP/1 many times. Different tests provide different results, but most of them do confirm that the new version is more productive than the predecessor.
For example, the CSS-Tricks test showed that a website with HTTP/2 loaded almost twice as fast as a HTTP/1.1 resource.
To perform this test, the company modeled a real single-page website on WordPress. To measure the load speed, they used the GTMetrix instrument.
As a result, with use of HTTP/1.1, the website page loaded in 1.9 seconds.
While with HTTP/2, under the same conditions, the load time was 1 second.
At the same time, we can see the number of queries under HTTP/2 was lower.
The results of a test performed by SolarWinds were not as impressive. It showed that HTTP/2 was only 13% more efficient than the predecessor.
Like in the previous test, the company measured the speed of a WordPress website with Pingdom. The speed was tested 4 times with 30-minute intervals. After averaging the results, here’s what they ended up with:
The HTTP/1.1 website loaded in 534 ms.
While with HTTP/2, the same website loaded in 464 ms.
In any case, HTTP/2 is currently the fastest and most optimized version of the Internet’s main data transfer protocol.
Let’s sum it up
- HTTP/2 is the second large build of HTTP, the application-level network protocol that determines how content is transferred over the internet.
- HTTP/2 was launched in 2015, as a substitute for HTTP/1.1. The main goal of the new version was speeding up content delivery.
- The main feature of HTTP/2 that helped it speed up the delivery was stream multiplexing: creating a single connection for all data types and transferring the data in parallel.
- Besides, HTTP/2 can transfer content even faster by compressing the headers, prioritizing the streams, and utilizing the Server Push feature. And unlike HTTP/1.1, it is a binary protocol, which also makes it more productive.
- The tests undertaken show that the use of HTTP/2 provides a significant benefit in website loading speed as compared to HTTP/1.1.
Gcore CDN supports the HTTP/2 protocol. And our network can transfer content over HTTP/2 even if your servers do not support it.
Gcore CDN specifics:
- Fast. Average global response time under 30 ms.
- Powerful. Overall network capacity over 75 Tbps.
- Global. 90+ points of presence across 5 continents.
- Competitive. Convenient plans and flat pricing worldwide, with a free plan for smaller projects.
Related articles
How AI is reshaping the future of interactive streaming
Interactive streaming is entering a new era. Artificial intelligence is changing how live content is created, delivered, and experienced. Advances in real-time avatars, voice synthesis, deepfake rendering, and ultra-low-latency delivery are giving rise to new formats and expectations.Viewers don’t want to be passive audiences anymore. They want to interact, influence, and participate. For platforms that want to lead, the stakes are growing: innovate now, or fall behind.At Gcore, we support this shift with global streaming infrastructure built to handle responsive, AI-driven content at scale. This article explores how real-time interactivity is evolving and how you can prepare for what’s next.A new era for live contentStreaming used to mean watching someone else perform. Today, it’s becoming a conversation between the creator and the viewer. AI tools are making live content more reactive and personalized. A cooking show host can take ingredient requests from the audience and generate live recipes. A language tutor can assess student pronunciation and adjust the lesson plan on the spot. These aren’t speculative use cases—they’re already being piloted.Traditional cameras and presenters are no longer required. Some creators now use entirely digital hosts, powered by motion capture and generative AI. They can stream with multiple personas, switch backgrounds on command, or pause for mid-session translations. This evolution is not about replacing humans but creating new ways to engage that scale across time zones, languages, and platforms.Creating virtual influencersVirtual influencers are digital characters designed to build audiences, promote products, and hold conversations with followers. Unlike human influencers, they don’t get tired, change jobs, or need extensive re-shoots when messaging changes. They’re fully programmable, and the most successful ones are backed by teams of writers, animators, and brand strategists.For example, a skincare company might launch a virtual influencer with a consistent tone, recognizable look, and 24/7 availability. This persona could host product tutorials in the morning, respond to DMs during the day, and livestream reactions to customer feedback at night—all in the local language of the audience.These characters are not limited to influencer marketing. A virtual celebrity might appear as a guest at a live product launch or provide commentary during a sports event. The point is consistency, scalability, and control. Gcore’s global delivery network ensures these digital personas perform without delay, wherever the audience is located.Real-time avatars and AI-generated personasReal-time avatars use motion capture and emotion detection to mimic human behavior with digital models. A fitness instructor can appear as a stylized avatar while tracking their own real movements. A virtual talk show host can gesture, smile, or pause in response to viewer comments. These avatars do more than just look the part—they respond dynamically.AI-generated personas build on this foundation with language generation and decision-making. For instance, an edtech company could deploy a digital tutor that asks learners comprehension questions and adapts its tone based on their engagement level. In entertainment, a music artist might perform live as a virtual character that reflects audience mood through color shifts, dance patterns, or facial expression.These experiences require ultra-low latency. If the avatar lags, the illusion collapses. Gcore’s infrastructure supports the real-time input-output loop needed to make digital characters feel present and responsive.Deepfake technology for creative storytellingDeepfakes are often associated with misinformation, but the same tools can be used to build engaging, high-integrity content. The technology enables face-swapping, voice cloning, and character animation, all of which are powerful in live formats.A museum might use deepfake avatars of historical figures for interactive educational sessions. Visitors could ask questions, and Abraham Lincoln or Golda Meir might respond with historically grounded answers in real time. A brand could create a fictional spokesperson who evolves over time, appearing in product demos, ads, and livestreams. Deepfake technology also allows multilingual content without re-recording—the speaker’s lip movements and tone are modified to match each language.These applications raise legitimate ethical questions. Gcore’s streaming infrastructure includes controls to ensure the source and integrity of AI-generated content are traceable and secure. We provide the technical foundation that enables deepfake use cases without compromising trust.Synthetic voices and personalized audioAudio is often overlooked in discussions about AI streaming, but it’s just as important as video. Synthetic voices today can express subtle emotions and match speaking styles. They can whisper, shout, pause for dramatic effect, and even mimic regional accents.Let’s consider a news platform that offers interactive daily briefings. Viewers choose their preferred language, delivery style (casual, serious, humorous), and even the voice profile. The AI generates a personalized broadcast on the fly. In gaming, synthetic characters can offer encouragement, warn about strategy mistakes, or narrate progress—all without human voice actors.Gcore’s streaming infrastructure ensures that synthetic voice outputs are tightly synchronized with video, so users don’t experience out-of-sync dialogue or lag during back-and-forth exchanges.Increasing interactivity through feedback and participationInteractivity in streaming now goes far beyond comments or emoji reactions. It includes live polls that influence story outcomes, branching narratives based on audience behavior, and user-generated content layered into the broadcast.For example, a live talent show might allow viewers to suggest challenges mid-broadcast. An online classroom could let students vote on the next topic. A product launch might include a real-time Q&A where the host pulls questions from chat and answers them in the moment.All of these use cases rely on real-time data processing, behavior tracking, and adaptive rendering. Gcore’s platform handles the underlying complexity so that creators can focus on building experiences, not infrastructure.Why low latency is criticalInteractive content only works if it feels immediate. A delay of even a second can break immersion, especially when users are trying to influence the outcome or receive a response. Low latency is essential for real-time gaming, sports, interviews, and educational formats.A live trivia game with hundreds of participants won’t retain users if there’s a lag between the question appearing and the timer starting. A remote surgery training session won’t work if the avatar’s responses trail behind the mentor’s instructions. In each of these cases, timing is everything.Gcore Video Streaming minimizes buffering, supports high-resolution streams, and synchronizes data flows to keep participants engaged. Our infrastructure is built to support high-throughput, globally distributed audiences with the responsiveness that interactive formats demand.Preparing for what’s nextAI-generated content is no longer a novelty. It’s becoming a standard feature of modern streaming strategies. Whether you’re building a platform that features virtual influencers, immersive avatars, or interactive educational streams, the foundation matters. That foundation is infrastructure.If you’re planning the next generation of live content, we’re ready to help you bring it to life. At Gcore, we provide the performance, scale, and security to launch these experiences with confidence. Our streaming solutions are designed to support real-time content generation, audience interaction, and global delivery without compromise.Want to see interactive streaming in action? Learn how fan.at used Gcore Video Streaming to deliver ultra-low-latency streams and boost fan engagement with real-time features.Read the case study
What are captions and subtitles, and how do they work?
Subtitles and captions are essential to consuming video content today. But how do they work behind the scenes?Creating subtitles and captions involves a five-step process to ensure that your video’s spoken and auditory content is accurately and effectively conveyed. The five steps are transcription, correction, synchronization/spotting, translation, and simulation/display on screen.The whole process is usually managed using specialized subtitle or caption creator software.In this blog, we explain the five steps in more detail, what the end user sees, and how to choose the right caption/subtitle service for your needs.Step 1: TranscriptionSpoken content is transformed into a text-based format. Formats are different ways to implement the textual elements, depending on technical needs.Transcription creates the raw materials that will be refined in stages 2–4.Step 2: CorrectionCorrection enhances readability by improving the textual flow. Punctuation, grammar, and sentence structure are adjusted so that the user’s reading experience is seamless and doesn’t detract from the content.Step 3: Synchronization/spottingNext, the text and audio are aligned precisely. Each caption or subtitle’s timing is adjusted so it appears and disappears at the correct moment.Step 4: TranslationTranslation is required for content intended for consumption in multiple languages. During this stage, it’s important to consider format requirements and character limitations. For example, a caption that fits on two lines in English might require three in Spanish, and so in Spanish, one caption becomes two. As a result, additional synchronization might be necessary.Step 5: Simulation/display on screenFinally, the captions or subtitles need to be integrated onto the end user’s screen. Formatting issues might arise at this stage, requiring tweaks for an optimal user experience.How does the end user see subtitles and captions?After the technical process of creating captions and subtitles, the next step is understanding how these elements appear to the end user. The type of captions you choose can greatly impact the user experience, especially when considering accessibility, engagement, and clarity. Below, we break down the different options available and how they serve different viewing scenarios.Open captions: These are always visible to viewers and are a fixed part of the video. They’re popular, for example, for video installations in museums and employee training videos—cases where maximum accessibility is the key consideration when it comes to captions and/or subtitles.Closed captions: Viewers can turn these on or off based on preference. For instance, an online course might offer this feature, allowing learners to choose how to consume the content. Students could opt temporarily to turn on closed captions to note the spelling of a new term introduced during the course.Real-time captions: These are great for live events like webinars, where the text appears almost simultaneously as the words are spoken. They keep the audience engaged in real time without missing out on crucial points. For example, ambient noise like chatter in a sports bar might obscure commentary on a live TV basketball game. Real-time captions allow viewers to benefit from near-live commentary regardless of the bar’s noise levels or if the TV’s sound is muted.Burned-in subtitles: These are etched onto the video and cannot be turned off. A promotional video targeting a multilingual audience might use this feature so that everyone understands the message, regardless of their language preference.What to look for in captioning and subtitling servicesTo deliver high-quality captions and subtitles, it's important to choose a provider that offers key features for accuracy, efficiency, and audience engagement.Original language transcription: Accurate documentation of every spoken word in your video for unrivaled accuracy.Tailored translation: Localized content that integrates translations with cultural relevance, increasing resonance with diverse audiences.Alignment synchronization: Time-annotated subtitles, matching words perfectly to the on-screen action.Automatic SRT file generation: A simplified subtitling and captioning process through effortless file creation for a better user experience.Transform your videos with cutting-edge captions and subtitles from GcoreNo matter your video content needs, it’s essential to be aware of the best type of captions and subtitles for your audience’s needs. Choosing the right format ensures a smoother viewing experience, better accessibility, and stronger engagement across every platform.Gcore Video Streaming offers subtitles and closed captions to enhance users’ experience. Each feature within the subtitling and captioning toolkit is crafted to expand your video content’s reach and impact, catering to a multitude of use cases. Embedding captions is quick and easy, and AI-automated speech recognition also saves you time and money.Try Gcore's automated subtitle and caption solution for free
Why captions and subtitles are essential for video engagement
From TikToks on silent commutes to training videos in noisy offices, silent viewing is now standard. Captions and subtitles aren’t just accessibility features anymore. They’re essential for user engagement, global reach, and video performance.This article explores why captions and subtitles matter and how they boost engagement with your videos, providing a better user experience for your audience. If you want to know how captions and subtitles work, we’ve got an article for that too.How subtitles and captions improve your video performanceSubtitles are now widely used across platforms and age groups. For many younger viewers, reading along while watching is second nature, especially on social media. For others, subtitles are a practical solution: watching videos in public spaces, scrolling during breaks, or learning on the go—all without needing sound.Captions offer tangible benefits across four key areas:Engagement and comprehension: Improve clarity in movies, boost understanding in online courses, and increase focus in business content.Accessibility and inclusion: Make content available to hard-of-hearing users and break language barriers for global audiences.SEO and discoverability: Search engines can crawl subtitle text, making your video content more findable, even when autoplayed without sound.Silent usability: Your content works in all environments, from crowded trains to quiet offices.Captions have shifted from niche to norm, helping creators reach more people, boost retention, and deliver clearer messages.Common challenges and their solutionsImplementing captions at scale poses three major challenges: cost, delay, and accuracy. Here's why these challenges exist and how Gcore Video Streaming can help you overcome them at the click of a button.CostInvesting in high-quality transcriptions can be a financial burden, especially for smaller players in online education. Specialized expertise is required for accurate educational content, and human oversight adds ongoing labor costs. Transcription is a recurring expense that grows with multiple languages or regulatory compliance.Gcore scalable AI-powered transcription services reduce reliance on costly manual processes, offering affordable, multi-language support with built-in compliance features, making transcription cost-effective for all budgets.Delay/latencyIn live events, even slight delays in captioning can disengage audiences. For example, in a Formula One race, missing real-time commentary on pit stops or track conditions can leave viewers confused or frustrated. Lagging captions fail to keep pace with the action, breaking immersion.Real-time AI ASR (automatic speech recognition) from Gcore minimizes captioning delay, so that live captions sync perfectly with events, keeping viewers fully engaged without lag.AccuracyA small text error in captions can distort the message and harm reputation. Errors in MOOCs or corporate webinars risk undermining credibility and discouraging future participation. Precision is critical to maintain trust and clarity.Gcore leverages advanced AI models fine-tuned for domain-specific vocabulary and includes automated quality checks, drastically reducing errors and preserving message integrity across all video content.Enhance your video content with Gcore AI-powered caption and subtitles toolsCaptions are now a strategic content layer, not just an accessibility checkbox. With video now the dominant format across marketing, education, and entertainment, it's critical to implement captions efficiently, affordably, and at scale.Gcore’s AI-powered Video Streaming lets you generate accurate, real-time captions across multiple languages with minimal developer effort. Built-in AI ASR (automatic speech recognition) means your captions stay synchronized even during fast-paced live events. Whether you’re running an LMS, hosting global events, or publishing OTT content, Gcore Video Streaming helps you scale captions with speed and precision.Request a demo of Gcore AI ASR
How to cut egress costs and speed up delivery using Gcore CDN and Object Storage
If you’re serving static assets (images, videos, scripts, downloads) from object storage, you’re probably paying more than you need to, and your users may be waiting longer than they should.In this guide, we explain how to front your bucket with Gcore CDN to cache static assets, cut egress bandwidth costs, and get faster TTFB globally. We’ll walk through setup (public or private buckets), signed URL support, cache control best practices, debugging tips, and automation with the Gcore API or Terraform.Why bother?Serving directly from object storage hits your origin for every request and racks up egress charges. With a CDN in front, cached files are served from edge—faster for users, and cheaper for you.Lower TTFB, better UXWhen content is cached at the edge, it doesn’t have to travel across the planet to get to your user. Gcore CDN caches your assets at PoPs close to end users, so requests don’t hit origin unless necessary. Once cached, assets are delivered in a few milliseconds.Lower billsMost object storage providers charge $80–$120 per TB in egress fees. By fronting your storage with a CDN, you only pay egress once per edge location—then it’s all cache hits after that. If you’re using Gcore Storage and Gcore CDN, there’s zero egress fee between the two.Caching isn’t the only way you save. Gcore CDN can also compress eligible file types (like HTML, CSS, JavaScript, and JSON) on the fly, further shrinking bandwidth usage and speeding up file delivery—all without any changes to your storage setup.Less origin traffic and less data to transfer means smaller bills. And your storage bucket doesn’t get slammed under load during traffic spikes.Simple scaling, globallyThe CDN takes the hit, not your bucket. That means fewer rate-limit issues, smoother traffic spikes, and more reliable performance globally. Gcore CDN spans the globe, so you’re good whether your users are in Tokyo, Toronto, or Tel Aviv.Setup guide: Gcore CDN + Gcore Object StorageLet’s walk through configuring Gcore CDN to cache content from a storage bucket. This works with Gcore Object Storage and other S3-compatible services.Step 1: Prep your bucketPublic? Check files are publicly readable (via ACL or bucket policy).Private? Use Gcore’s AWS Signature V4 support—have your access key, secret, region, and bucket name ready.Gcore Object Storage URL format: https://<bucket-name>.<region>.cloud.gcore.lu/<object> Step 2: Create CDN resource (UI or API)In the Gcore Customer Portal:Go to CDN > Create CDN ResourceChoose "Accelerate and protect static assets"Set a CNAME (e.g. cdn.yoursite.com) if you want to use your domainConfigure origin:Public bucket: Choose None for authPrivate bucket: Choose AWS Signature V4, and enter credentialsChoose HTTPS as the origin protocolGcore will assign a *.gcdn.co domain. If you’re using a custom domain, add a CNAME: cdn.yoursite.com CNAME .gcdn.co Here’s how it works via Terraform: resource "gcore_cdn_resource" "cdn" { cname = "cdn.yoursite.com" origin_group_id = gcore_cdn_origingroup.origin.id origin_protocol = "HTTPS" } resource "gcore_cdn_origingroup" "origin" { name = "my-origin-group" origin { source = "mybucket.eu-west.cloud.gcore.lu" enabled = true } } Step 3: Set caching behaviorSet Cache-Control headers in your object metadata: Cache-Control: public, max-age=2592000 Too messy to handle in storage? Override cache logic in Gcore:Force TTLs by path or extensionIgnore or forward query strings in cache keyStrip cookies (if unnecessary for cache decisions)Pro tip: Use versioned file paths (/img/logo.v3.png) to bust cache safely.Secure access with signed URLsWant your assets to be private, but still edge-cacheable? Use Gcore’s Secure Token feature:Enable Secure Token in CDN settingsSet a secret keyGenerate time-limited tokens in your appPython example: import base64, hashlib, time secret = 'your_secret' path = '/videos/demo.mp4' expires = int(time.time()) + 3600 string = f"{expires}{path} {secret}" token = base64.urlsafe_b64encode(hashlib.md5(string.encode()).digest()).decode().strip('=') url = f"https://cdn.yoursite.com{path}?md5={token}&expires={expires}" Signed URLs are verified at the CDN edge. Invalid or expired? Blocked before origin is touched.Optional: Bind the token to an IP to prevent link sharing.Debug and cache tuneUse curl or browser devtools: curl -I https://cdn.yoursite.com/img/logo.png Look for:Cache: HIT or MISSCache-ControlX-Cached-SinceCache not working? Check for the following errors:Origin doesn’t return Cache-ControlCDN override TTL not appliedCache key includes query strings unintentionallyYou can trigger purges from the Gcore Customer Portal or automate them via the API using POST /cdn/purge. Choose one of three ways:Purge all: Clear the entire domain’s cache at once.Purge by URL: Target a specific full path (e.g., /images/logo.png).Purge by pattern: Target a set of files using a wildcard at the end of the pattern (e.g., /videos/*).Monitor and optimize at scaleAfter rollout:Watch origin bandwidth dropCheck hit ratio (aim for >90%)Audit latency (TTFB on HIT vs MISS)Consider logging using Gcore’s CDN logs uploader to analyze cache behavior, top requested paths, or cache churn rates.For maximum savings, combine Gcore Object Storage with Gcore CDN: egress traffic between them is 100% free. That means you can serve cached assets globally without paying a cent in bandwidth fees.Using external storage? You’ll still slash egress costs by caching at the edge and cutting direct origin traffic—but you’ll unlock the biggest savings when you stay inside the Gcore ecosystem.Save money and boost performance with GcoreStill serving assets direct from storage? You’re probably wasting money and compromising performance on the table. Front your bucket with Gcore CDN. Set smart cache headers or use overrides. Enable signed URLs if you need control. Monitor cache HITs and purge when needed. Automate the setup with Terraform. Done.Next steps:Create your CDN resourceUse private object storage with Signature V4Secure your CDN with signed URLsCreate a free CDN resource now
How do CDNs work?
Picture this: A visitor lands on your website excited to watch a video, buy an item, or explore your content. If your page loads too slowly, they may leave before it even loads completely. Every second matters when it comes to customer retention, engagement, and purchasing patterns.This is where a content delivery network (CDN) comes in, operating in the background to help end users access digital content quickly, securely, and without interruption. In this article, we’ll explain how a CDN works to optimize the delivery of websites, applications, media, and other online content, even during high-traffic spikes and cyberattacks. If you’re new to CDNs, you might want to check out our introductory article first.Key components of a CDNA CDN is a network of interconnected servers that work together to optimize content delivery. These servers communicate to guarantee that data reaches users as quickly and efficiently as possible. The core of a CDN consists of globally distributed edge servers, also known as points of presence (PoPs):Origin server: The central server where website data is stored. Content is distributed from the origin to other servers in the CDN to improve availability and performance.Points of presence (PoPs): A globally distributed network of edge servers. PoPs store cached content—pre-saved copies of web pages, images, videos, and other assets. By serving cached content from the nearest PoP to the user, the CDN reduces the distance data needs to travel, improving load times and minimizing strain on the origin server. The more PoPs a network has, the faster content is served globally.How a CDN delivers contentCDNs rely on edge servers to store content in a cache, enabling faster delivery to end users. The delivery process differs depending on whether the content is already cached or needs to be fetched from the origin server.A cache hit occurs when the requested content is already stored on a CDN’s edge server. Here’s the process:User requests content: When a user visits a website, their device sends a request to load the necessary content.Closest edge server responds: The CDN routes the request to the nearest edge server to the user, minimizing travel time.Content delivered: The edge server delivers the cached content directly to the user. This is faster because:The distance between the user and the server is shorter.The edge server has already optimized the content for delivery.What happens during a cache miss?A cache miss occurs when the requested content is not yet stored on the edge server. In this case, the CDN fetches the content from the origin server and then updates its cache:User requests content: The process begins when a user’s device sends a request to load website content.The closest server responds: As usual, the CDN routes the request to the nearest edge server.Request to the origin server: If the content isn’t cached, the CDN fetches it from the origin server, which houses the original website data. The edge server then delivers it to the user.Content cached on edge servers: After retrieving the content, the edge server stores a copy in its cache. This ensures that future requests for the same content can be delivered quickly without returning to the origin server.Do you need a CDN?Behind every fast, reliable website is a series of split-second processes working to optimize content delivery. A CDN caches content closer to users, balances traffic across multiple servers, and intelligently routes requests to deliver smooth performance. This reduces latency, prevents downtime, and strengthens security—all critical for businesses serving global audiences.Whether you’re running an e-commerce platform, a streaming service, or a high-traffic website, a CDN ensures your content is delivered quickly, securely, and without interruption, no matter where your users are or how much demand your site experiences.Take your website’s performance to the next level with Gcore CDN. Powered by a global network of over 180+ points of presence, our CDN enables lightning-fast content delivery, robust security, and unparalleled reliability. Don’t let slow load times or security risks hold you back. Contact our team today to learn how Gcore can elevate your online presence.Discover Gcore CDN
What is a CDN?
Whether you’re running an e-commerce store, streaming videos, or managing an app, delivering content quickly and reliably is essential to keeping users satisfied. This is where a content delivery network (CDN) comes into play. A CDN is a globally distributed network of servers that work together to deliver content to users quickly, minimizing latency. Instead of relying on a single server, a CDN uses edge servers—called points of presence (PoPs)—to cache or temporarily store copies of your content closer to the user. This optimizes website performance, drastically cuts down on load times, and improves the user experience. Research suggests that a one-second lag in page loading speed can significantly decrease engagement, citing a 7% decline in conversions and an 11% decrease in page visits. CDNs considerably speed up load times by reducing latency through content caching closer to the user. By splitting up your website’s traffic over several servers, CDNs also protect it from online threats. Distributed denial-of-service (DDoS) attacks are lessened by CDNs because they spread traffic among a network of servers, improving security and availability. What Challenges Do CDNs Address?CDNs tackle two key challenges to improve website and application performance: Slow load times: Users sometimes experience frustratingly slow-loading websites and applications. This is because data must travel from a server to the end user’s device, causing latency. CDNs move servers closer to end users, reducing the distance that data has to travel and speeding up load times. High traffic volumes: High traffic volumes during peak times or cyberattacks can overwhelm your website and lead to latency or site unavailability. Since CDNs distribute traffic across multiple servers, no single server is overwhelmed. This helps prevent crashes and delivers smooth performance for all users.Common Use Cases for CDNsCDNs are vital across a range of industries, providing measurable improvements in content delivery and user experience. E-commerce websites use CDNs to guarantee quick page loading and frictionless shopping experiences, even during periods of high traffic. Speed is crucial for online businesses. A study found that the average cost of downtime for e-commerce websites is around $500,000 per hour. This includes lost sales, operational costs, and long-term damage to brand reputation Streaming services rely on CDNs to deliver high-quality video content while minimizing buffering. Netflix states that its CDN contributes to the daily delivery of over 125 million hours of streaming content, guaranteeing a seamless experience for customers worldwide. Gaming companies use CDNs to lower latency and provide a consistent real-time user experience, especially during live multiplayer matches, where it is essential to preserve an engaging and fair gameplay experience. News outlets and blogs benefit from CDNs by ensuring their content loads quickly for readers around the world, during large-scale traffic surges, especially during major events like elections or breaking news. The Benefits of a CDNFaster Website PerformanceEvery second counts when delivering content online. Slow websites frustrate users and harm your business. CDNs speed up content delivery by caching data closer to users, reducing page and file load times. Whether you’re delivering static content (such as CSS, HTML or JPG files) or dynamic content (like data generated by user interactions or API calls), a CDN ensures optimal performance regardless of user location. While factors like DNS settings, server configurations, and code optimization all play a role, the physical distance between your origin server and your users is a factor that only a CDN can solve. Increased Availability and ReliabilityDowntime can seriously affect online businesses. Hardware failures, traffic surges, and cyberattacks can reduce your website’s availability, harming your customers’ experience and causing financial or reputational damage. In fact, around 98% of organizations report that just one hour of downtime costs over $100,000. A CDN ensures that your website remains available, fast, and reliable by leveraging essential features such as: Load balancing: This process dynamically distributes traffic across multiple servers to optimize performance and prevent overload.Intelligent failover: Automatically redirects traffic if a server goes offline, ensuring continuity with minimal disruption.Anycast routing: Directs users to the closest or most efficient server, further reducing latency and enhancing response times.Security FeaturesAs cyber threats continue to grow in sophistication and frequency, securing your website or application is more critical than ever. According to recent statistics from Cobalt’s 2024 Cybersecurity Report, weekly attacks worldwide increased by 8% in 2023, while attackers used more sophisticated strategies to exploit vulnerabilities. Strong security measures that not only safeguard your website but also guarantee optimal performance are necessary in light of these evolving threats. CDN security features not only improve website performance but also defend against a wide range of attacks by distributing traffic across multiple servers, which mitigates DDoS attacks and filters out malicious traffic before it reaches your website. These features, from DDoS protection to safeguarding APIs, help maintain uptime, protect sensitive data, and guarantee a seamless user experience. Most modern solutions like Gcore CDN integrate robust security measures into content delivery, such as:SSL/TLS encryption facilitates secure data transmission by encrypting traffic, protecting sensitive information from being intercepted.L3/L4 DDoS protection blocks large-scale cyberattacks designed to flood your network and disrupt services.L7 DDoS protection guards your website from more complex attacks targeting how the website functions, helping it continue to operate smoothly.Web application firewall (WAF) acts as a shield, blocking harmful traffic such as hacking attempts or malicious scripts before they can affect your site.API security protects the communication between your application and other software, preventing unauthorized access or data theft.Bot protection identifies harmful automated traffic (bots), preventing activities like data scraping or login attempts with stolen credentials while allowing useful bots (like search engine crawlers) to function normally. Elevate Your Online Experience With a CDNA CDN is no longer a luxury—it’s a necessity for businesses that want to deliver fast, reliable, and secure online experiences. Whether your goal is to optimize performance, manage high traffic, or protect your site from attacks, a well-configured CDN makes all the difference.Ready to enhance your website’s performance? Our futureproof CDN runs on a global network of over 180 points of presence, so your customers get outstanding performance no matter where in the world they’re located. Get in touch with our team today to learn how our CDN can benefit your business.Discover Gcore CDN
Subscribe to our newsletter
Get the latest industry trends, exclusive insights, and Gcore updates delivered straight to your inbox.