Secure Your CDN Account to Prevent Unauthorized Access

secure cdn

Security is very important to us here at KeyCDN and so we have added a couple security features to prevent unauthorized access to your CDN account. This includes two-factor authentication, account access rules (restrict access to your account by IP address), and account notifications.

According to a survey conducted by TeleSign, 40% of users said they had a security incident in the last year, meaning they had an account hacked, password stolen, or were given a notice that their personal information had been compromised.

One of the most common reasons for these incidents occurring is because people are not using a complex enough password. According to SplashData’s annual list that they compile, the top ten most widely used passwords are:

  1. 123456
  2. password
  3. 12345
  4. 12345678
  5. qwerty
  6. 123456789
  7. 1234
  8. baseball
  9. dragon
  10. football

These are definitely not the types of passwords we recommend using! Here is a good guide on how to choose a strong password. We also recommend using a free program like KeePass or KeePassX which allow you to generate secure passwords and store them in a database locally on your computer.

Secure CDN Account with Two-Factor Authentication

secure cdn two factor authentication

KeyCDN has added two factor authentication which helps improve account security by requiring the user to provide two forms of authentication in order to log in. KeyCDN uses Google Authenticator to provide an authentication code which is used to log in. Follow the steps below on how to enable it on your account.

  1. Login to your KeyCDN dashboard and navigate to “Account Settings” → “Authentication.” Click on “Enable 2 Factor Auth.” Once this option is selected, two-factor authentication is immediately enabled. Be sure to continue with the following steps before logging out of your account.
    enable 2 factor authentication
  2. Install the Google Authenticator app on your device and add the two-factor authentication secret manually or scan the QR code provided on your screen. If you are on a Microsoft device you can also use the Authenticator app.
    2 factor authentication code
    The next time you log in to your account you will be required to enter in your username and password as well as your auth code.
    keycdn login auth code
    If you want to revert to simply using your username and password, you can disable the additional protection by turning off two-factor authentication in your account settings: https://app.keycdn.com/login

Secure CDN Account by Restricting IP Addresses

secure cdn by ip address

KeyCDN has also added another option to secure your CDN account, and that is the ability to set up account access rules. This allows you to restrict the access to your account by IP (/32) or network (e.g. /24). You can look up your public IP using KeyCDN’s IP location finder tool.

ip location finder

Follow the steps below to enable this on your account.

  1. Login to your KeyCDN dashboard and navigate to “Account Settings” → “Access Rules.” Click on “Add Rule.” Note: Be careful with this feature as you could prevent yourself from accessing your account, especially if you have dynamic IPs. 
    secure cdn account access rules
  2. Enter in your IP address or a range of IPs, such as 110.10.10.10/32 and click “Add.”
    add ip restriction range

Account Notifications

KeyCDN has also added account notifications which will alert the account owner of a successful login or a change in origin URL.  The login notification sends an email to the account owner with information such as the username, login time, and the IP address of the user that logged in. The origin change notification sends the user an email providing them with the zone that was modified, the changed origin URL address, and the time that the change took place.

Follow the steps below to enable this on your account.

  1. Login to your KeyCDN dashboard and navigate to “Account Settings” → “General.” Click on “Edit Account Details.”
  2. You can enable one or both notifications by selecting “enabled” and clicking “Save.”
    cdn account notifications

You can disable these at any time from within account settings.

Additional Security Hardening Options

In addition to securing your CDN account, KeyCDN has many other security features available.

Summary

We highly recommend KeyCDN users take advantage our new two-factor authentication, account access rules, and account notifications to better secure your CDN account. If anything, they will help add peace of mind knowing that your account is safe and it is hardened against unauthorized access in the future.

As always feel free to ask us questions in our community or via support if you have problems.

Related Articles

Secure Your CDN Account to Prevent Unauthorized Access was last modified: April 25th, 2016 by Brian Jackson
Share This