Blog/websec

Insights and advice for improving web performance.

Block Referrer - Blacklist Unauthorized Requests

Block Referrer - Blacklist Unauthorized Requests

The feature Block Referrer is now available! This allows the blacklisting of domains that are hotlinking content. Previously, only referrer whitelisting was available, which required all necessary domains related to the Zone to be added. This new feature can be enabled in just a few clicks and can result in significant costs savings if the content is hotlinked on other websites. An unauthorized request will result in an HTTP 403 error and the asset will not be delivered.

June 18, 2020 Read more
Using a Secure CDN to Accelerate Your Content

Using a Secure CDN to Accelerate Your Content

Security is very important to us here at KeyCDN which is why we have various security features to help not only protect your content but also prevent unauthorized access to your CDN account. In this post we'll go over what makes KeyCDN a secure CDN and which features we provide to increase the security of your content and account. The importance of security According to a survey conducted by TeleSign, 40% of users said they had a security incident in the last year, meaning they had an account hacked, password stolen, or were given a notice that their personal information had been compromised.

November 8, 2018 Read more

KeyCDN Launches TLS 1.3 with 0-RTT Support

It has been quite some time since TLS underwent a major update. TLS 1.2 was defined in RFC 5246 10 years ago, back in August 2008. Now, 10 years later a faster, stronger, and more reliable version of TLS has been released. Today we're very excited to announce that KeyCDN has officially launched TLS 1.3 support for all customers. This brings with it some exciting benefits which we will discuss throughout this article.

September 27, 2018 Read more

DDoS Protection - Why It Is Needed Now More Than Ever

In 2018 the internet has seen some of the largest DDoS attacks ever. Unfortunately, as the web rapidly evolves, so do the number of DDoS attacks and hackers with malicious intent. For a lot of larger companies, fending off new attacks has almost become a normal routine now has they have to constantly stay vigilant. Compared to a few years ago, it is more important now than ever to have a DDoS protection plan in place before this happens.

September 13, 2018 Read more

Top 5 WordPress Security Threats and How to Fix Them

WordPress is the most popular content management system (CMS) on the Internet today. There are around 74,652,825 sites running on WordPress and around half of those are hosted on the free WordPress.com site. The rest are hosted on private servers. There is a reason so many CMS-based sites use WP. WordPress is a smart and intuitive platform that nearly anyone can learn to use. There are numerous plugins and themes available to help website owners customize the look and features of a site.

June 21, 2018 Read more

Deprecating TLS 1.0 and 1.1 - Enhancing Security for Everyone

Out with the old and in with the new is an inevitable part of the tech industry. Things can change quickly and it's important to keep an eye on new software releases while simultaneously moving away from outdated versions. Today, we would like to announce that we will be deprecating TLS versions 1.0 and 1.1 on March 30, 2018, and moving ahead with improved ciphers for enhanced security. What is TLS?

January 18, 2018 Read more

A Look at the Improvements That TLS 1.3 Brings

Nearly a decade has passed since the previous major encryption protocol update, yet the age of TLS 1.3 is finally upon us. Although it's still very new, the new TLS is already getting a lot of attention from web developers. In addition to being faster and more secure, TLS 1.3 has numerous other improvements over its predecessors. This guide will explain how developers can take full advantage of the features the latest version of TLS has to offer.

November 30, 2017 Read more

A 6 Part Introductory OpenSSL Tutorial

OpenSSL is among the most popular cryptography libraries. It is most commonly used to implement the Secure Sockets Layer and Transport Layer Security (SSL and TLS) protocols to ensure secure communications between computers. In recent years, SSL has become basically obsolete since TLS offers a higher level of security, but some people have gotten into the habit of referring to both protocols as SSL. Cryptography is tricky business, and OpenSSL has too many features to cover in one article, but this OpenSSL tutorial will help you get started creating keys and certificates.

October 5, 2017 Read more

Perfect Forward Secrecy - Why You Should Be Using It

Perfect forward secrecy, which is sometimes just referred to as forward secrecy, is a method of ensuring that all transactions sent over the Internet are secure. This method of encryption prevents a hacker from being able to access data from a group of transactions even if they're able to hack the encryption for a single communication sent over the web. By creating a unique session key for each transaction instead of relying on sessions to keep connections open, hackers can't gain access to data from more than a single communication between a server and a user.

September 14, 2017 Read more

11 Web Application Security Best Practices

Like any responsible website owner, you are probably well aware of the importance of online security. You may think that you have your ducks in a row in this department, but like many other website owners and companies, there probably hasn't been enough done to secure your web application(s). If your website was affected by the massive DDoS attack that occurred in October of 2016, then you'll know that security is a major concern, even for large DNS companies like Dyn.

December 29, 2016 Read more
KeyCDN uses cookies to make its website easier to use. Learn more about cookies.