Support FAQ

What is a CDN?

Introduction

A CDN (Content Delivery Network) is a globally distributed network of edge servers that cache content closer to users. Instead of every visitor waiting for a response from the same origin server, the CDN can serve images, scripts, pages, API responses, or other safe content from an edge location near the request.

Think of it as a set of local warehouses for web content. A company does not ship every package from one central warehouse if customers are spread across the world. It places stock closer to demand. A CDN does the same with digital content, reducing distance, repeated origin work, and the impact of traffic spikes.

That is the basic performance lesson. The operational lesson is just as important: a CDN sits on the same request path as cache policy, security checks, traffic routing, origin protection, and logs. If those controls are connected, the edge can do more than deliver files quickly. It can decide what should be served, inspected, throttled, blocked, routed, cached, logged, or sent to origin.

The Problem it Solves

Without a CDN, all users must fetch content directly from the single origin server where the website is hosted. This creates several challenges:

Distance and Latency

If your website is hosted on a server in New York, users in Australia must send their requests across the globe. This round-trip can take 200ms or more just for the network transmission, before any processing time.

Origin Server Overload

A single server must handle all traffic worldwide. That can lead to:

  • Slower response times during peak usage
  • Server crashes during traffic spikes
  • Poor user experience for global audiences
  • Higher infrastructure cost from repeated requests for the same content

Single Point of Failure

If the origin server experiences issues, the entire website becomes unavailable globally.

How it Works

A CDN operates through a network of edge servers (also called Points of Presence or PoPs) distributed globally. Here's the typical workflow:

Initial Request (Cache Miss)

  1. User Request: A user in Tokyo requests an image: https://example.com/logo.png
  2. CDN Routing: The request is automatically routed to the nearest CDN edge server in Asia
  3. Cache Check: The edge server checks if it has a cached copy of logo.png
  4. Origin Fetch: Since it's the first request (cache miss), the edge server fetches the image from the origin server
  5. Cache and Serve: The edge server stores a copy of the image and serves it to the user
  6. Future Requests: The cached copy is now available for subsequent requests

Subsequent Requests (Cache Hit)

  1. User Request: Another user in Japan requests the same image
  2. CDN Routing: The request goes to the same Asian edge server
  3. Cache Hit: The server finds the cached copy and serves it immediately
  4. Fast Delivery: The user receives the image in milliseconds instead of hundreds of milliseconds

Cache Management

CDN edge servers use sophisticated caching rules:

  • Time-Based Expiration: Content expires after a set time (TTL - Time To Live)
  • HTTP Cache Headers: Respect Cache-Control and ETag headers from the origin
  • Manual Purging: Content can be manually invalidated when updates are needed
  • Cache Keys: The CDN can vary a cached response by route, query string, header, cookie, device, or other request details
  • Bypass Rules: Authenticated, sensitive, or unsafe responses can be sent to origin instead of cached

Key Benefits

Improved Performance

CDNs provide multiple performance advantages:

  • Reduced Latency: Content served from nearby servers loads faster
  • Parallel Downloads: Modern CDNs can serve multiple assets simultaneously
  • Optimized Routes: CDN networks often use optimized routing paths
  • Protocol Optimization: Support for modern protocols like HTTP/2 and HTTP/3

Real-World Impact: A website that takes 3 seconds to load from the origin might load in under 1 second with a CDN.

Higher Availability

CDNs provide redundancy and fault tolerance:

  • Origin Protection: If the origin server goes down, CDNs can continue serving cached content
  • Geographic Redundancy: Multiple edge servers ensure service continuity
  • Automatic Failover: Traffic automatically routes around failed servers
  • Load Distribution: Reduces the chance of origin server overload

Reduced Origin Load

By serving cached content, CDNs reduce the load on origin servers:

  • Bandwidth Savings: Cacheable requests do not need to fetch the same bytes from origin every time
  • Server Resource Savings: Less CPU and memory usage on origin servers
  • Cost Reduction: Lower hosting costs due to reduced origin server requirements
  • Scaling Efficiency: Origin servers can handle more unique users

Enhanced Security

A CDN is a useful place to apply security controls because it sees traffic before the application does:

  • DDoS Protection: Absorb and mitigate large-scale attacks
  • Web Application Firewall (WAF): Filter malicious traffic before it reaches the origin
  • SSL/TLS Termination: Handle encryption/decryption at the edge
  • Bot Protection: Identify and block malicious bot traffic

The practical question is not just whether the CDN has a security feature. It is whether security, cache, traffic, and origin decisions share enough context for operators to tune them safely.

Types of CDN Content

CDNs can cache various types of content:

Static Content

  • Images, CSS, JavaScript files
  • Videos and audio files
  • Downloadable files (PDFs, software)
  • Fonts and other assets

Dynamic Content

  • API responses (with appropriate caching headers)
  • Personalized content (with careful cache configuration)
  • Database query results

Streaming Content

  • Live video streams
  • On-demand video content
  • Real-time data feeds

Where CDN Decisions Connect to Peakhour Controls

A CDN becomes more useful when performance decisions are connected to the rest of the request path. Peakhour treats CDN and cache as part of the same operating model as traffic control, origin protection, security, and evidence.

  • Advanced Caching defines cache keys, TTLs, bypass rules, purge behaviour, stale handling, and cache analytics so teams can accelerate safe content without guessing what was served.
  • Origin Shield adds a shield layer between edge POPs and origin, collapsing repeated misses and reducing the chance that a burst of uncached requests becomes an origin incident.
  • Cloud Load Balancing keeps clean traffic moving to healthy regions and origin pools when demand shifts, a region fails, or an application needs a controlled failover path.
  • DDoS Protection helps absorb and shape abnormal request pressure before origin capacity is consumed, especially when Layer 7 traffic targets costly pages or APIs.
  • WAAP and WAF Controls inspect application and API traffic before exploit payloads, policy violations, or suspicious request patterns reach the application.
  • Bot Management separates normal visitors, verified crawlers, suspicious automation, scrapers, and credential tools before they share the same cache and origin path.
  • Advanced Rate Limiting counts the actor and route that matter, using request path, country, ASN, fingerprints, response patterns, thresholds, and action state instead of one flat limit.
  • Traffic Control ties these outcomes together so a request can be allowed, challenged, throttled, blocked, cached, logged, or routed with a clear decision record.
  • Log Forwarding moves enriched request evidence into the systems teams already use for incident review, tuning, compliance, and support.

The point is not to collect disconnected CDN features. It is to keep the controls close enough to operate together. A cache miss, a bot burst, a rate spike, a WAF match, a DDoS event, and an origin failover can all affect the same user path. Operators need to see one request story, not separate fragments from separate tools.

Why Connected CDN Controls Matter

CDN performance work often starts with static assets, but the hard problems appear on dynamic and sensitive routes: login, search, checkout, account pages, booking flows, APIs, and high-cost catalogue pages. Those routes may be partly cacheable, fully dynamic, or safe to cache only under specific rules.

If cache, security, and routing are disconnected, teams can end up with awkward tradeoffs:

  • A campaign sends traffic to a dynamic page and a wave of cache misses reaches origin at once.
  • A scraper avoids static assets and targets search or product endpoints that are expensive to generate.
  • A Layer 7 flood looks like normal web traffic until rate, bot, and WAF signals are reviewed together.
  • A failover sends users to a backup origin, but the weaker path does not preserve the same cache or security policy.
  • A support team sees a blocked or delayed request, but cannot tell which policy matched or what happened to the origin path.

Connected controls reduce that guesswork. Cache hit or miss, policy match, bot posture, rate pressure, route choice, origin result, and log evidence should stay close enough that teams can tune the edge without waiting for an application release or rebuilding the incident from scattered dashboards.

For the security side of the same category, read CDN security and edge security.

Practical CDN Checklist

When reviewing a CDN setup, ask:

  • Which responses are safe to cache, and which must always bypass cache?
  • Are cache keys explicit enough for logged-in, regional, device-specific, or personalised content?
  • What happens when many edge locations miss the same object at the same time?
  • Which routes are expensive enough to need origin shielding, rate limits, bot checks, or WAF/WAAP inspection?
  • Can clean traffic be routed to healthy origin pools during failover or regional pressure?
  • Can operators see the cache state, matched policy, action, route outcome, and origin effect for a request?
  • Can those decisions work whether Peakhour is the primary edge or is adding intelligence beside an existing edge?

Conclusion

A CDN is one of the most useful performance controls for a modern website. It shortens the distance between users and content, reduces repeated origin work, and helps keep a site available when traffic changes.

The strongest CDN setups go further. They keep cache policy, origin shielding, traffic routing, DDoS protection, WAAP/WAF, bot management, rate limiting, and evidence in the same operating model. That way the edge is not only faster. It is also easier to explain, safer to tune, and better at protecting the origin systems that still do the expensive work.

Start with Advanced Caching and Origin Shield for the CDN side, or Traffic Control if the immediate problem is deciding which traffic should be allowed, challenged, throttled, blocked, cached, logged, routed, or sent to origin.

Related Articles

AI Crawler User Agents

A practical reference for common AI crawler user agents, operators, purposes, and recommended Peakhour bot-management actions.

AI For Cybersecurity

AI For Cybersecurity explains the concept in the context of AI security, with practical checks and mitigation considerations for site operators.

AI Image Generation

AI Image Generation explains the concept in the context of AI security, with practical checks and mitigation considerations for site operators.

AI Misuse

AI Misuse explains the concept in the context of AI security, with practical checks and mitigation considerations for site operators.

© PEAKHOUR.IO PTY LTD 2025   ABN 76 619 930 826    All rights reserved.