Geekflare
Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
By Chandan Kumar in Security  |  Last updated: January 17, 2023
Share on:

Supercharge and Secure Your Site with StackPath in 15 Minutes

stackpath
Invicti Web Application Security Scanner – the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

Speed up and protect your WordPress, Joomla or any other platform with StackPath CDN (Content Delivery Network) and WAF (Web Application Firewall)

Site load time and security are two essential for online business success.

How?

If your site loads slow, your potential customer will exit before they see your product.

If your site is not secured enough, an attacker will bring down your site or make it unusable.

It’s clear that you need to have something in place to make your site loads faster globally and protect from online vulnerabilities. And, that’s where StackPath helps!

StackPath offers secure CDN and cloud-based WAF under a single plan called Edge Delivery. Before jumping to implementation, let’s take a look at some of the features.

  • Global network with 45 edge locations globally
  • Intelligent caching – deliver content from the user’s nearest edge location, configure what to cache and for how long, purge caching with one click
  • Stop spam and bad bots
  • Layer 7 DDoS protection
  • Protection against OWASP top 10 security vulnerabilities
  • Real-time monitoring and analytics
  • FREE SSL
  • Create custom WAF rules

and a lot more…

Now, let’s look at the implementation.

StackPath doesn’t have a FREE plan but offers one month trial which I will leverage to demonstrate.

  • Go to StackPath and create an account
  • It will prompt you to plan details, click continue

I’ve selected Edge Delivery 20 which includes CDN and WAF both.

  • Enter the domain name and Next

  • It will scan for existing DNS records and show you a list, click Next

In most of the scenario, you want to improve everything. But you do have an option to uncheck if you don’t want any.

  • Select the source like a web server and enter the IP address. If you are not sure about IP address, then you can ask your hosting provider.

  • Next, you will have name server details which you will need to configure at your domain registrar like GoDaddy, Namecheap, etc.

You need to login to the domain registrar and update the name server as given by StackPath. Again, if you are not sure how to do then talk to your registrar 

  • Click View Stack

Note: updating DNS record may take some time to propagate it globally. You can use the DNS record lookup tool to verify the records.

  • It will take you to the overview page where you can see your site

This concludes the site is on-boarded to StackPath. But, wait…

It’s not done yet. Let’s take a look at the following essential configurations for performance improvement and security.

Make it HTTPS

Secure and your site with HTTPS. And, not just that Google has announced that HTTPS would be one of the search ranking factors too. So, its must!

The good thing is you don’t have to pay for SSL certificate. You can get it in FREE.

  • Select the site under CDN tab >> EdgeSSL
  • Generate FREE SSL certificate

  • Let it be default selection on the delivery domain and click Continue

  • It will take a few minutes, and you should see your site active for EdgeSSL Certificate.

Next, will force all the requests to happen over HTTPS.

  • Go to EdgeRules and turn ON the Force HTTPS Connections

Now, the site is accessible over HTTPS.

Performance Settings

On the Settings tab, you can configure the compression level, cache, and other improvements.

  • Lifetime – do you want to control files cache expiry from your web server? If not, you can set it at the CDN level.
  • Gzip compression – turn it on and compression level anything between 4 to 6 is good.
  • Content availability – turn on, so StackPath shows cached version when there is a request, and a web server is offline
  • Browser cache TTL – leverage browser caching. Higher duration, the better.
  • HTTP/2 support – turn it on

WAF

The good thing is, for most of the sites – you don’t need to configure anything. All the necessary security protection (XSS, CSRF, SQLi, SPAM, RFI, DDoS, etc.) is turned ON. But you can always review them by going to the policies tab in WAF menu. If you are not sure, you can always ask StackPath support.

Custom Rules – its powerful feature where you can create a rule to block, allow, challenge, monitor based on the following.

  • IP/IP ranges
  • Header
  • User Agent
  • URL
  • Content Type
  • Organization
  • Country
  • HTTP Method
  • File Extension

Wondering how it can help?

A quick example – let’s say you want to block traffic from a specific country. You want to block bot user-agent. Block DELETE/TRACE/PUT HTTP method, and so on…

Monitoring

Why use another service to monitor your site? StackPath got monitoring included!

Go to Monitoring menu and create a new monitor for your site.

As you can see, there are around 40 locations to test the uptime, and you can adjust the alerting.

Conclusion

StackPath can be beneficial if you are looking for a premium solution to make your sites load faster and secure from online risk. As they offer one month trial, give a try to see how it goes. It doesn’t take more than 15 minutes!

Thanks to our Sponsors
More great readings on Security
Power Your Business
Some of the tools and services to help your business grow.
  • Invicti
    Invicti uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities and generate actionable results within just hours.
    Try Invicti
  • Brightdata
    Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.
    Try Brightdata
  • Semrush
    Semrush is an all-in-one digital marketing solution with more than 50 tools in SEO, social media, and content marketing.
    Try Semrush
  • Intruder
    Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.
    Try Intruder