Previously, it was challenging to connect Web Security and CDN services for the same domain. The issue was that when using a CDN, the edge servers that cache content sent numerous requests to your application from a few IP addresses of our internal subnets. This made it difficult for Web Security to effectively apply the Bot protection mechanism since it couldn't distinguish between requests from legitimate users from an internal network IP and malicious requests from bots.
To avoid blocking legitimate requests, we recommended connecting CDNs and Web Protection to separate subdomains. However, it was not convenient for customers.
We changed the bot-identifying process, thereby resolving the connectivity conflict between Web Security and CDN. Now, our security system analyzes web request characteristics to block robotic activity rather than relying on specific identifying information. This allows you to connect Web Security and CDN services for the main domain without subdomains.
1. Create a resource under the protection according to the "Create and configure a protected resource" guide.
2. Go to the Resources tab and copy the IP address from the "Protected IP" column.
Note: The IP from the example (5.188.189.82) will be different from yours.
3. Go to the CDN resources tab and create a CDN resource according to the appropriate guide: Create a CDN resource for only static files or an entire site.
3.1. If you want to use Web Secure with the CDN resource for only static files, specify the following values during creation:
Complete the creation of the CDN resource by making all the necessary settings.
3.2. If you want to use Web Secure with the CDN resource for an entire site, specify the following values during creation:
Complete the creation of the CDN resource by making all the necessary settings.
That's it! This is how you connect Web Secure and CDN for the same domain.
Was this article helpful?
Discover the all-in-one Web security solution by Gcore