Blog > Security

The Evolution of Cybersecurity in the Emerging Age of Edge Compute

Molly Wojcik | October 15, 2018 | Edge, Security

Edge computing promises to improve efficiency when it comes to how data is gathered, processed and analyzed, but it also creates the potential for a whole new threat landscape. IoT devices are notorious for their security loopholes and as users rush to get ahead of the curve and implement compute at the edge, it is quickly becoming a new “front line” in the cybersecurity battle. At the same time, edge compute architecture offers new opportunities to implement more sophisticated security layers to protect against threats. As organizations try to stay ahead of the evolving technology paradigm, it is essential to build an appropriate edge cybersecurity strategy in response.

Read More

How to Protect Your eCommerce Website from Security Risks

Molly Wojcik | September 21, 2018 | E-commerce, Security

eCommerce websites are at the forefront of cyber attacks that can impact websites, breach customer confidentiality and damage a business’ reputation in the short and long-term.

Read More

What and Where is the Edge PaaS?

Stewart McGrath | July 16, 2018 | Performance, Security, Edge

Web applications are increasingly complex by nature and rapidly evolving in a landscape of increased consumer demand for higher quality experience, faster interaction and a low tolerance for security breaches of personal data. While cloud computing and the emergence of the large cloud hosts has caused a centralization of compute resource, the next wave of compute innovation is happening at “the edge”.

Read More adds Shieldsquare Bot Management

Stewart McGrath | June 22, 2018 | Security

We are pleased to announce today that we have added ShieldSquare Bot Mitigation and Management to’s modular web optimization platform. Both and Shieldsquare focus on improving the security of web applications and thier content.

Read More

6 Quick Fixes to Secure Your Website

Danny Randa | December 13, 2017 | Security

Website security is a hot topic these days, with a new hack of a major institution making it in the headlines every few weeks. You know security is important, and you want to protect your site, but what measures should you take to keep your site secure? The truth is website security will be slightly different for every site. Some large ecommerce sites may need an internal security team in place to juggle the various security tools being utilized, while smaller to mid-size sites can manage without a dedicated security team.

Read More

How to Prepare Your Ecommerce Site for the Holiday Season

Danny Randa | August 15, 2017 | E-commerce, Performance, Security

Each year the holiday season seems to roll around more quickly, with Thanksgiving decorations popping up before Halloween has concluded and winter-themed decorations and merchandise appearing in stores mid-September. For retailers, holiday sales dominate promotions beginning in mid-November and go all the way through post-season blowouts in January.

Read More

Webinar - How Website Security and DevOps Can Work Together

Roxana Elliott | July 26, 2017 | Security

There are several challenges to deploying a robust security solution on your website or application. As we have discussed previously, hackers, bots, and attack types are becoming more and more advanced, and it can be difficult to block all known and unknown threats using older rules-based Web Application Firewalls. In addition website security solutions can be frustrating to integrate with modern developer workflows such as DevOps and Agile.

Read More adds Signal Sciences Web Protection Platform

Stewart McGrath | June 21, 2017 | Security

We are pleased to announce today that we have added the Signal Sciences Web Protection Platform to’s modular Edge PaaS. Both and Signal Sciences focus on bringing security, agile practices, and DevOps workflows to enterprises that are tackling the shift to cloud and modern application deployment.

Read More

Top Security Threats to Ecommerce Websites

Roxana Elliott | June 06, 2017 | Security, E-commerce

In the past few years it’s seemed like there has been a new widespread security breach every other week. High profile incidents such as Heartbleed and WannaCry and hacks of notable entities including Sony Pictures and the Democratic National Committee have brought cyber security to the front of people’s minds. The magnitude of Distributed Denial of Service (DDoS) attacks has risen with the increased number of devices connecting to the internet, and as more of the population engages with these devices the risk of sensitive information being taken advantage of continues to rise.

Read More

Web Application Firewalls and the Future of Website Security

Roxana Elliott | May 03, 2017 | Security

Web application firewalls have been around for over 20 years, but recent advancements in how they block bad traffic and are managed by development teams encouraged us to take a look at the history of firewalls, WAFs, and where website security is heading.

Read More

The Challenge of Content Delivery for SAAS Companies

Roxana Elliott | March 21, 2017 | Performance, Security

Software as a Service or SAAS platforms are all over the Internet – they are pre-built services for companies that don’t want to create their own software for a specific need, and include job boards, online support systems, internal portals, and more. Many of these SAAS companies offer custom domains to their customers. This feature allows brands to use these services while maintaining their own brand identity. By “white-labelling” URLs, end-customers feel comfortable that they are staying within the ecosystem of the website they are on.

Read More and Recent Global CDN Security Concerns

CJ Brewer | February 24, 2017 | Security, CDNs 101

Summary of security issue raised In the past few days, vulnerability researchers at Google discovered Cloudflare’s reverse proxies were dumping uninitialized memory into their outputs, opening up websites that use Cloudflare to data leaks. This data included cookies, passwords, encryption keys, and even user’s private data from large sites that use Cloudflare.

Read More

How Scalability and Bots Impact Product Launches

Roxana Elliott | February 08, 2017 | Security, Performance, Marketing

Have you ever gone to an ecommerce site right as a highly anticipated launch was occurring and found yourself locked out or inventory immediately gone? Flash sales or new product launches can be both a blessing and curse for ecommerce sites: While they bring motivated visitors who are ready to purchase quickly, they can also be plagued by scalability issues, bots holding product up in shopping carts, and malicious traffic that aims to re-sell items on a third-party site such as eBay.

Read More adds Threat X, an Intelligent WAF

Roxana Elliott | February 01, 2017 | Security

Today we’re excited to announce that we have added Threat X, an intelligent Web Application Firewall, to’s choice of reverse proxies. At we’re committed to bringing you a choice of the best-in-class solutions for website performance and security. That’s why we let you choose which unmodified, open-source version of Varnish Cache works with your application, and now you have the choice between two WAFs: Threat X, which is a next-generation intelligent WAF backed by a team of security experts, and ModSecurity, a leading open-source WAF.

Read More

How Private-Public Key Encryption Keeps Data Safe

Roxana Elliott | January 11, 2017 | Security

You may have noticed that over the past few months more and more websites have started to use HTTPS, the secure version of the communications protocol HTTP, for all of their pages. In Google’s Chrome browser, sites not using HTTPS now include an “information” icon next to address which states “Your connection to this site is not secure. You should not enter any sensitive information on this site (for example, passwords or credit cards), because it could be stolen by attackers.”

Read More

The Varying Levels of DDoS Protection

Melissa Kilbourne | December 19, 2016 | CDNs 101, Security

A DDoS attack is a distributed denial of service attack. This means that an attack is coming from multiple places with a high volume of requests with the intent to bring your site down. With we offer a few different levels of DDoS protection to our customers in the event of an attack.

Read More

Announcing the Partner Program

Pete Jordan | December 01, 2016 | Performance, Security, Culture works with digital agencies, development shops, and hosting services to improve website performance and security

Read More

Debugging a secure website

Jason Stangroome | November 28, 2016 | Security

How to Debug an HTTPS Website As the Internet evolves with an ever increasing demand for security, websites are taking a full-HTTPS approach combined with additional features like Strict Transport Security (HSTS) and Public Key Pinning (HPKP). Websites adopting HTTP/2 for its performance benefits are also required to use HTTPS everywhere.

Read More


Stewart McGrath | November 16, 2016 | Caching, Security, CDNs 101

This week, is at the DeFrag Conference in Broomfield, Colorado, a technology conference that focuses on those at the core of every technology company: developers. was founded by developers, for developers, and was built out of a frustration with the way Content Delivery Networks make it difficult for developers to easily drive and test the performance and security tools CDNs offer. At DeFrag we are launching our “Free YXORP” campaign, a movement to unleash the power of reverse proxies, which have long been held captive by Content Delivery Networks.

Read More

How to Be Ready for a Magento Security Incident

Jason Stangroome | November 14, 2016 | Magento, Security

A few weeks ago Magento published a very helpful article to their Security Center outlining the steps to follow after suffering a malware attack on your Magento site. It is a great resource to save away in case you ever find yourself in this situation, however, it is also beneficial to understand what exactly is involved so you can prepare now.

Read More

The eBook on Optimizing your Magento Site for Performance

Roxana Elliott | October 04, 2016 | Magento, E-commerce, Performance, Security

Improve your ecommerce site with our eBook on performance and scalability for Magento# In September we became a Magento Select Technology Partner, and for the past few weeks we’ve been hard at work compiling all our Magento knowledge so that merchants who want to improve their Magento site speed and scalability, get information on hosting for Magento, read about Magento cache options and more have a singular resource to turn to.

Read More

Web pages without HTTPS will be labelled insecure

Jason Stangroome | September 27, 2016 | Security

In case you missed it: Chrome to mark non-HTTPS pages insecure Google recently announced that in version 56 of their Chrome browser (expected in about 3 months) will change the address bar to clearly label websites served without HTTPS as “not secure” if the page contains a password or credit card input field.

Read More Introduces Community Forum

Stewart McGrath | September 22, 2016 | Performance, Security, CDNs 101

We’re pleased the introduce the Community Forum, where users and those looking for information about Content Delivery Networks, Varnish Cache, and general website performance and security enhancements can post and answer questions. Anyone can read questions by others on the Community Forum, and to ask your own questions sign up for a free account.

Read More

Introducing Multiple SSL Certificates on

Melissa Kilbourne | September 14, 2016 | Security

We’re pleased to annouce that now supports multiple free SSL certificates if your website application uses multiple domains. The platform can now create, manage, and renew a free SSL certificate for all the domains that use one configuration, so you don’t have to worry about your SSL certificate expiring and your website becoming more vulnerable to attacks.

Read More

Varnish WAF Options

Daniel Bartholomew | September 07, 2016 | , Security

It’s common that a modern web site will want the advantages of Varnish Cache’s excellent programming model in tandem with a WAF.

Read More

Ensuring Your SSL Certificate is Setup on Magento

Stewart McGrath | August 30, 2016 | CDNs 101, Security, Magento

A Study of how Magento Websites use SSL for HTTPS Recently, studied a random sample of around 330 websites running on Magento Enterprise, the leading eCommerce solution for large businesses.

Read More

The cost of HTTP 404 Page Not Found

Jason Stangroome | August 26, 2016 | Caching, Security, Performance, Varnish Cache

Reducing 404 error pages on your website Do you know how many resources are consumed by your origin web servers to determine that a requested URL is non-existent and render the Not Found response page? Many site owners cannot answer this question, and most of the time this is fine because a well-managed site will rarely need to serve a 404 under normal conditions.

Read More

Quick Analysis of ABS Census Outage

Stewart McGrath | August 09, 2016 | Security, Performance, Caching

As we know, millions of Australians have not been able to lodge their Census online as the ABS Census site is offline.

Read More

Announcing free hosted DNS

Melissa Kilbourne | June 22, 2016 | CDNs 101, Security, Performance

We have recently released two new features that make it easier to utilize’s CDN for your website. There are two requirements to start serving traffic over

Read More

Announcing free Automated HTTPS Certificates

Melissa Kilbourne | June 22, 2016 | Security

We have recently released two new features that make it easier to utilize’s CDN for your website. There are two requirements to start serving traffic over

Read More

Canonical bare domains and cookies

Jason Stangroome | June 21, 2016 | , Caching, Security

Suppose you bought the domain name “” for your website. Will your visitors enter or just the bare domain in their browser’s address bar to access your site?

Read More

Cross-site request forgery and caching

Jason Stangroome | June 13, 2016 | Caching, Security

As summarised by OWASP, Cross-Site Request Forgery (CSRF) is “an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated”.

Read More

A little help improving your website's transport security

Jason Stangroome | May 09, 2016 | Security

Ivan Ristic of Qualys blogged last year about a TLS Maturity Model, citing that “over time, … deploying TLS securely is getting more complicated, rather than less”.

Read More

ModSecurity for DDOS Attacks

Daniel Bartholomew | April 24, 2016 | Security

DDOS attacks come in many styles and target various layers of a system. It is increasingly common to see attacks targeted at Layer 7, where a surge of HTTP requests is made to your site.

Read More

Vanity Tracker Domain HTTPS with Pardot & Salesforce

Elijah Glover | April 15, 2016 | Marketing, Security

Most astute companies are using marketing automation software to help streamline their marketing message and increase sales results. Security and performance typically aren’t your first thoughts when setting up such systems and configuring vanity tracker domains.

Read More
Blog Categories

Interested in articles about a specific topic? Click on a category to see all related content.