Speed up and protect your WordPress, Joomla or any other platform with StackPath CDN (Content Delivery Network) and WAF (Web Application Firewall)
Site load time and security are two essential for online business success.
If your site loads slow, your potential customer will exit before they see your product.
If your site is not secured enough, an attacker will bring down your site or make it unusable.
It’s clear that you need to have something in place to make your site loads faster globally and protect from online vulnerabilities. And, that’s where StackPath helps!
StackPath offers secure CDN and cloud-based WAF under a single plan called Edge Delivery. Before jumping to implementation, let’s take a look at some of the features.
- Global network with 45 edge locations globally
- Intelligent caching – deliver content from the user’s nearest edge location, configure what to cache and for how long, purge caching with one click
- Stop spam and bad bots
- Layer 7 DDoS protection
- Protection against OWASP top 10 security vulnerabilities
- Real-time monitoring and analytics
- FREE SSL
- Create custom WAF rules
and a lot more…
Now, let’s look at the implementation.
StackPath doesn’t have a FREE plan but offers one month trial which I will leverage to demonstrate.
- Go to StackPath and create an account
- It will prompt you to plan details, click continue
I’ve selected Edge Delivery 20 which includes CDN and WAF both.
- Enter the domain name and Next
- It will scan for existing DNS records and show you a list, click Next
In most of the scenario, you want to improve everything. But you do have an option to uncheck if you don’t want any.
- Select the source like a web server and enter the IP address. If you are not sure about IP address, then you can ask your hosting provider.
- Next, you will have name server details which you will need to configure at your domain registrar like GoDaddy, Namecheap, etc.
You need to login to the domain registrar and update the name server as given by StackPath. Again, if you are not sure how to do then talk to your registrar
- Click View Stack
Note: updating DNS record may take some time to propagate it globally. You can use the DNS record lookup tool to verify the records.
- It will take you to the overview page where you can see your site
This concludes the site is on-boarded to StackPath. But, wait…
It’s not done yet. Let’s take a look at the following essential configurations for performance improvement and security.
Make it HTTPS
Secure and your site with HTTPS. And, not just that Google has announced that HTTPS would be one of the search ranking factors too. So, its must!
The good thing is you don’t have to pay for SSL certificate. You can get it in FREE.
- Select the site under CDN tab >> EdgeSSL
- Generate FREE SSL certificate
- Let it be default selection on the delivery domain and click Continue
- It will take a few minutes, and you should see your site active for EdgeSSL Certificate.
Next, will force all the requests to happen over HTTPS.
- Go to EdgeRules and turn ON the Force HTTPS Connections
Now, the site is accessible over HTTPS.
On the Settings tab, you can configure the compression level, cache, and other improvements.
- Lifetime – do you want to control files cache expiry from your web server? If not, you can set it at the CDN level.
- Gzip compression – turn it on and compression level anything between 4 to 6 is good.
- Content availability – turn on, so StackPath shows cached version when there is a request, and a web server is offline
- Browser cache TTL – leverage browser caching. Higher duration, the better.
- HTTP/2 support – turn it on
The good thing is, for most of the sites – you don’t need to configure anything. All the necessary security protection (XSS, CSRF, SQLi, SPAM, RFI, DDoS, etc.) is turned ON. But you can always review them by going to the policies tab in WAF menu. If you are not sure, you can always ask StackPath support.
Custom Rules – its powerful feature where you can create a rule to block, allow, challenge, monitor based on the following.
- IP/IP ranges
- User Agent
- Content Type
- HTTP Method
- File Extension
Wondering how it can help?
A quick example – let’s say you want to block traffic from a specific country. You want to block bot user-agent. Block DELETE/TRACE/PUT HTTP method, and so on…
Why use another service to monitor your site? StackPath got monitoring included!
Go to Monitoring menu and create a new monitor for your site.
As you can see, there are around 40 locations to test the uptime, and you can adjust the alerting.
StackPath can be beneficial if you are looking for a premium solution to make your sites load faster and secure from online risk. As they offer one month trial, give a try to see how it goes. It doesn’t take more than 15 minutes!