Anycast CDN Resource Settings
Numerous additional settings are available via the API.Couldn’t find what you need? - We might have it, ask our Helpdesk!
For each Anycast CDN resource, you have access to following settings and information:
- General information overview
- Resource statistics
- Domain management
- Content delivery settings
- Content access
- Cache configuration
¶ Resource list
To view a list of your Anycast CDN resources, detailed information about each of them, and to check or change the settings of a selected resource, go to the CDN resources section.
Here you can view all of your resources, or filter out a particular resource or group of them based on ID, name, source, domain, or current state by using the filter in the page title.
.png)
If the filter is left blank, all of your resources will be displayed in a list view, including information about related domains, each resource’s source, state, and last update date immediately available for each resource, as shown above.
Click the column name in the list title to sort your resources into the appropriate category for easy reference.
To display full information about a particular resource and access its settings, click on its name in the list.
This will take you to the page of the selected Anycast CDN resource, where the following tabs will be available:
- Overview - overview data of the resource and general stats widgets
- Statistics - detailed resource statistics with filters by periods and domains
- Domains - resource domains customization page
- Preferences - page of content delivery settings
- Access Protection - resource access settings page
- Manage Cache - cache configuration page
¶ General information overview
You can view the general information for the selected Anycast CDN resource on the Overview: tab
In the general information section you’ll find the following data about the selected resource:
- ID - internal resource identifier of within the CDN
- System domain - domain created by the system to access the resource files
- Resource origin - resource directory, http(s) link, source or bucket address
- Created - date and time of the resource creation
- Updated - date and time of the last update of the resource
The right side displays widgets of statistics for this resource:
Note, the widgets will display information as statistics about the resource usage are collected. Immediately after the resource is created, the widgets will be empty.
- Cache hits - number of times cached file was accessesd via the CDN
- Non-cache hits - number of times not cached file was requested and proxied by the CDN to the origin.
- Plain traffic - HTTP traffic statistics for the resource
- HTTPS traffic - HTTPS traffic statistics by resource.
¶ Resource statistics
The Statistics tab provides detailed data on traffic consumption, average bandwidth, cache volume used and hits (number of times your file has been accessed).
By default, you’ll see stats for the current month. More detailed statistics are available on the Anycast CDN Dashboard.
The traffic graph is broken down into normal (HTTP) and HTTPS traffic. Hybrid graph combines traffic and hits data.
For more details on calculating bendwich at the 95th percentile, read article on traffic calculation.
Using the calendar filter, you can set a specific period for displaying statistics as shown below.
¶ Resource domains
Information about the resource domains is reflected in the Domains tab:
Here you will find two types of domains:
- System domains - automatically created by the system to access the resource files
- User domains - domains added by the user to access the resource files.
¶ Domain management
You can Add, remove and Configure user domains. When you click the Add user domain button, a dialog for creating a new domain appears:
Specify a third-order or lower domain name.
Next, select the SSL certificate you want to apply to the domain from the drop-down list:
- Let’s Encrypt certificate (auto) - automatically created by the provider
- Custom certificate (user) - user-added certificate
If the required SSL certificate is not listed, it must be added to be applied to the new domain. To add it, click Add new SSL-certificate in the certificate drop-down list.
You also can add a bundle of your domains at once, for this purpose use the ADD BULK button and specify all domains of this resource.
Here you can issue a Let’s Encrypt certificate in bulk for all added domains, or you can apply existing certificates that have already been uploaded to the user panel.
To confirm adding a list of domains, click Add User Domains.
¶ SSL-certificates
When selecting Add new SSL certificate from the drop-down list, you will be taken to the SSL certificates section of the user panel to add a new certificate.
**Only after entering all required data and saving it, the certificate will become available for selection in the drop-down list.
After clicking the Add domain button - the resource will be added a domain with preset (default) settings. The Cancel button cancels adding a custom domain.
¶ Content delivery settings
On the Preferences tab for each resource, you can configure such settings in any combination:
.png)
Note, using the originshield will result in increased CDN traffic.
¶ Origin shield
Enable the origin shield by setting Use origin shield setting to active. With origin shield enabled, only the shield server will contact your source server (origin) to generate its CDN cache. Other CDN servers will contact the shield server to build their own cache. This reduces the origin load.
¶
The Origin (or the Source Server) — Your physical or virtual HTTP(S)-accessible server hosting the source directory with files you intend to distribute via the CDN, primarily designed to handle incoming requests. For example, the origin may host your website’s source code or content folders. Anycast CDN uses the source server to cache the original files and proxy requests for non-cached files.
There are two origin shild options available for you to choose from:
¶ ☑ Auto (Origin-based)
The auto option means that the CDN will utilize the server closest to your origin server as the shield-server.
¶ ☑ Custom (Multi-shield)
The custom option allows the CDN to use different shield servers for different geographic locations. When enabled, the location of available shield servers will be displayed in the user panel.
This will reduce the number of direct requests to the origin and ease the load on your source servers. The default origin shield location is determined automatically.
.png)
To select the preferred shild-server location manually, activate the origin shield, select the Custom option as shown above and activate the more geographically appropriate shild from those offered.
¶ IPv6 support
According to various sources, 97% to 99% of requests will come over IPv4.
Allow content to be sent to users over IPv6. With this setting enabled, users will be able to access your content over the more advanced IPv6 network protocol, which replaced IPv4.
This setting, among other things, can eliminate some connectivity issues. IPv6 is more compatible with mobile networks and more resilient.
To enable IPv6 support for the current resource, move the corresponding switch to the active position as shown below.
.png)
¶ HTTP-to-HTTPS
In the image above, automatic user redirection from HTTP to HTTPS is enabled. This setting provides a higher level of privacy and protection for the user. Note, this setting is disabled by default.
This setting is mandatory for SEO optimization of the web page.
HTTPS uses encryption by default when exchanging information between the user and the server, ensuring that third parties cannot decode the transaction even if they could intercept it in any way.
¶ Proxied extentions
By default, the function is disabled and the list of formats is empty.
If the content in your resources directory is diverse and not everything needs to be distributed via CDN, set the file types to be distributed via CDN here, as shown below:
.png)
Other extensions the CDN will not cache. When requesting file formats not listed, CDN will return a 403 error.
When this setting is activated, the list of extensions you specify overwrites the default list of proxied extensions.
To enable or disable any of the parameters above, move the corresponding switch to the active or inactive position. Each parameter’s status, On or Off, is displayed to the right of its name.
Also on this tab, you can view and edit the source of the resource set when it was created.
.png)
¶ Preferred IP-version
You can select the preferred origin connection IP version (IPv4 or IPv6) for the external URL as shown below.
.png)
In case the preferred version is unaplicable due to network configuration, hardware set-up, or other factors, the connection will default to the supported protocol version.
After making the necessary changes to the configuration, click Save Changes.
¶ Content access
On the Access Protection tab (access settings), you can restrict certain users from accessing your content via CDN.
The following settings, in addition to HSTS, will help you restrict unwanted activity, including hotlinking attempts.
.png)
To enable or disable any of the protection settings, move the corresponding switch to the active or inactive position. The status of each setting, On or Off, is displayed to the right of its name.
¶ Referrer check
Referrer settings: Here you can specify a list of domains that will be automatically allowed / denied access to this resource.
When using the “white” list, you can limit traffic for requests with a missing referrer. Your custom domains will automatically have access.
Empty, firewall or proxy wiped referrers, are allowed by default. You can overwrite this behavior by enabling blocking by the appropriate settings on the Allowlist tab highlighted below:
.png)
For Google subdomain referrers (google.* and *.google.com), you can use wildcard value.
¶ Regional limitation
Country protection parameter: зhere you can specify a list of countries for which your content will be available (Allowlist) or a list of countries whose users will not be allowed to access the content (Blocklist). To do this, select all required countries from the drop-down list.
Depending on whether you want to set a blacklist or whitelist, switch between the Blocklist or Allowlist restriction type, respectively.
.png)
¶ IP control
IP protection parameter: As shown above, you can set IP address blocklist or allowlist separated by commas, you. an also add the IP-mask to block or allow access here.
¶ HSTS
HTTP Strict-Transport-Security - is a mechanism to force a transition from HTTP to HTTPS protocol. You can specify a period of time for which the user’s browser will remember this setting (in days and hours), as shown below.
.png)
¶ CORS
Cross-Origin Resource Sharing - When CORS is activated, the CDN uses an additional header with a wildcard value, providing cross-origin access to your resource.
ccess-control-allow-origin: *
Once you have configured all the necessary access settings, click Save changes.
¶ Cache configuration
On the Manage Cache tab, you have access to clear the cache and configure caching for the resource as shown below.
.png)
¶ Forced cache flushing
Please note, clearing the cache will temporarily increase the load and traffic on your origins and reduce the availability of your content.
By default, Purge (forced clearing) of the cache is done point by point on a specific path (By path), to clear the CDN cache you need to specify the full path to the files you want to clear the cache on, as in the following example:
.png)
After specifying the desired paths to purge the cache, click Purge Cache By Path. The CDN will more quickly process a single task with multiple paths to purge, rather than a corresponding number of separate tasks to purge each individual path.
If there’s a need to purge the cache By the Path for a large number of resources, we recommend doing so via the API.
If there is such a need, the CDN cache by resource can be cleared completely by selecting Total (full) in the forced cache clearing options (Purge):
.png)
and click Total Cache Purge.
¶ Resource caching
By default Anycast CDN caches your files and the Use CDN cache setting will be enabled for the share. If there is a need, caching of the share can be disabled by turning the switch to inactive status (Off) as in the image below: :
.png)
With caching disabled, the CDN will proxy client requests directly to the source.
Note, disabling caching may result in reduced availability of your content and increased load on your servers as all traffic will be redirected to the source.
¶ Cache lifespan
In the resource caching settings, you can define the following parameters:
¶
TTL - the time the file exists in the cache. By default, all TTLs are 2 days. TTL cannot exceed 365 days. You can define TTL settings in days, hours, minutes and seconds.
- Inactive TTL specifies the period after which the cache of a file that has not been requested will be deleted.
- Active TTL defines the period after which the cached file will be re-requested from the origin and updated in the cache.
*If the file has not been updated on the origin, only the headers will be re-cached and the file will not be re-downloaded. - Browser Active TTL determines, how long the file will be stored in the browser’s cache.
*The CDN only returns the headers, and the browser uses its own cache for the file accordingly.
.png)
¶ Headers override
If you add the following headers when distributing files:
- X-Accel-Expires
- Expires or
- Cache-Control
the Override by response header params setting will allow you to override the TTL parameters set for the resource.
By default, headers are managed by the CDN, enable this feature if you want to inherit the origin’s headers.
When Override by response header params is enabled, the previously set Active TTL (Update Time To Live) and Browser Active TTL parameters for the resource will not be honored.
¶ Additional cache settings
Min requests to cache — Here you can override the minimum number of requests to a file, after which CDN will load it into cache. The default value is 1 and the maximum is 10 requests.
.png)
Cache gzipped content separately — When this option is active, relying on the Accept-Encoding: gzip header, gzip content will be cached separately from the uncompressed content. The setting is inactive by default.
Truncate URL params — truncating GET request parameters from URLs is enabled by default. In this setting you can specify file extensions for which truncation will be performed. By default the setting is active for the following extensions: .jpg .jpeg .gif .gif .png .tiff .bmp .svg. Setting a different list of values will overwrite it and truncation will only work for the extensions you specify.