Zone Settings

KeyCDN’s zones come with a number of configurable zone settings. Here is a list and description of the CDN features for both Push and Pull Zones:

Force Download
Forces files to download instead of opening (Content-Disposition header).
Enables cross-origin resource sharing (CORS). This will set the header to: Access-Control-Allow-Origin “*”. Make sure this option is enabled if you are using resources such as fonts, css files, icons, etc from another domain.
Enables GZip compression on: text/plain, text/css, text/js, text/javascript, text/xml, text/x-component, application/json, application/x-javascript, application/javascript, application/xml, application/xml+rss, application/atom+xml, application/xhtml+xml, image/svg+xml, font/ttf, font/eot, font/otf.
Adding or modifying the Expires and Cache-Control response header fields that are sent to the client if the response code equals 200, 201, 204, 206, 301, 302, 303, 304, or 307. This setting overwrites the value received from the origin in case of a pull zone. The expire value only has an impact on the web browser cache and not on the KeyCDN cache.

Cache-Control: no-cache
Push Zone: disabled
Pull Zone: as received from the origin (header honoring)
Cache-Control: max-age=t, where t is the time specified in the directive in minutes converted to seconds
Block Bad Bots
Block bad bots draining your credits. Bad bots HTTP response code is 451.
This feature enables support for HTTP/2 in combination with SSL.
Allow Empty Referrer
This directive is only relevant if you are using Zonereferrers. It allows you to specify if you want to allow empty referrers or not.
Secure Token
Restrict access to all the files within this zone by secure access tokens. This defines a time interval for which the specified zone urls should be accessible. Once it expires, the urls will return a 403 error.
Shared SSL
Enables the wildcard certificate for this zone. (https://*
Custom SSL
Custom SSL is fully supported (also known as private SSL). They reflect one or more Zonealiases. (e.g.:
Letsencrypt SSL
Automatically creates a certificate for your Zonealias (limited to only one Zonealias), e.g.
Force SSL
Redirects HTTP requests to HTTPS. Returns a 301 Moved Permanently.