What does your site going down cost you? If your business depends upon your site loading quickly and staying online, having a single server isn’t enough. Between DDos attacks, hackers, SQL injections, scrapers, comment bots and fake Google crawlers, even smaller blogs and sites really need protection. How much depends on your tolerance for outages and budget.
Keeping the bad actors out has the side benefit of speeding up your page load times, improving your search engine rankings, and making your visitors happier so they stay longer and spend more.
How Common Are Attacks?
It is very likely your site has been attacked in the past and will be again.
How bad is it?
See the Stats in the just published 2014 Bot Traffic Report.
Hackers were hitting this site so hard they were taking the server down from Friday evening until Sunday night. This affected all the sites on the same server. We had to password protect the login page to stop them.
The WordPress plugin Wordfence indicates that fake Google bots and other attacks are ongoing all the time. While WordFence can block them, that happens after they hit the server. That means these bots and attacks are slowing down the server and my site. If you’ve visited a WordPress blog and seen the white page with “error establishing a database connection” it is likely that site was under attack (whether they knew it or not).
There is a better solution: using a Content Delivery Network (CDN) to block them in the cloud before they can get to the server. Fortunately, a CDN is very simple to implement, requiring only a change of your DNS. There is no software or hardware to install or configure.
What is a CDN?
A Content Delivery Network (CDN) also known as a Content Distribution Network, is a distributed system of servers spread across numerous data centers. In the diagram below, these servers are shown in the center in orange. Your content is still stored on the servers at your hosting company. These are shown on the left above content providers. When the internet users shown on the right go to your site, their requests for content go to the closest server (shown in orange) instead of directly to your host’s server. That server will cache (save) a copy of each of the pages requested by users in that area. This has several benefits explained below.
When you use a CDN it filters out the bad traffic including attacks and bots. That bad traffic never gets to your server. The security features of a CDN can reduce the amount of bandwidth your site uses by rejecting bot traffic. For a popular blog, that can be up to 75% of your visitors. When any site is under attack, it can be most of their traffic. This is explained further under DDoS Protection (below).
Because the CDN acts as your first line of defense, if you are slow updating your CRM (WordPress, Joomla, eCommerce platform, etc.) the CDN will protect you from just discovered vulnerabilities even before you know about them. CDNs are in the best position to recognize new attacks because they manage so many servers and see these attacks first.
The best protection is prevention. Many sites aren’t aware they’ve been compromised until someone tells them a search engine is returning a “site is unsafe” warning or they see it in Webmaster Tools. CDNs provide an added level of security at a level higher than many hosting companies manage.
CDNs can also block scrapers who steal your content!
Sophisticated CDN users can block malicious bots, email and content scrapers, and fake crawlers while allowing real crawlers, shopping comparison sites and other friendly bots free access. This short entertaining video explains how CDNs work:
Page Load Speed
Because pages are cached on a server closer to the end users (your visitors), page load speed can be up to 50% faster and consume 40%-70% less bandwidth. Since 2010, Google has officially used site speed as one of the key factors in ranking.
Using a CDN is valuable for SEO and also for keeping your visitors on your site longer (which also improves your search engine positions). People are less patient than ever. If your site doesn’t load quickly they are likely to just leave. Faster loading can reduce bounce rates and increase page views per visitor and time on site. Reducing page load time makes your visitors – and Google – happier.
Caching for Crash Resistance
When using a CDN your most requested pages are cached on many servers. If your social media activities manage to send your content viral, those many servers instead of only one can better handle massive numbers of requests.
If your main server goes down, many CDNs will serve cached versions of your most popular pages. This will not keep all of your site up, but it would ensure your home page and contact information stay available – at least for as long as cache settings provide (typically 24 hours).
Most CDNs can only cache static pages, but some such as Incapsula can also provide dynamic content caching. Two other advantages to Incapsula that also speed up caching and page load times are their ability to minify (remove extra spaces) and compress your content even when it isn’t compressed or minified on your host’s server. They even offer on-the-fly image optimization.
Back Door Protection
A hacker can change the contents of your site or use it to direct links to other sites (often sites you would never want to link to because they contain adult content or other types of ‘bad neighborhoods’). They can also use your site to attack other sites in what is called a DDoS (Distributed Denial of Service).
While we may all wish we had DDoS protection and many CDN solutions offer it with their larger packages, it is likely to be too expensive for the average blog or a very small ecommerce store. Any larger ecommerce site needs to seriously consider this protection as an outage – especially during the holiday shopping season – could generate losses that can be avoided.
In a DDoS attack, the attacker machine compromises many sites and uses them to attack the site they wish to take down. (See the diagram below.) These attacks are referred to as distributed because of these many compromised sites. The denial of service occurs because the compromised sites send so many page requests that the server is unable to respond to them all.
When you use a CDN – even a plan that doesn’t specifically protect from a DDoS – your site has greater capacity to respond to high volume requests and it is protected from being compromised and used in this manner.
Load Balancing and Failover
Business sites that need to be up 100% of the time are typically hosted on multiple servers in more than one location. Load balancing refers to the ability a CDN has of deciding to pull data from the server that is least busy. Automatic failover is an advanced offering that senses when the primary server is failing and switches to a previously designated backup server.
Do You Need a CDN?
This may be the year to decide whether to take your site to the next level or not. Using a CDN confers many benefits so every serious blogger and site owner should at least consider it. Bloggers we know including Justin Germino @Dragonblogger, Ron Cripps @AffiliateXFiles and @DiTesco have been using CDNs for years. Check their sites for reviews and recommendations. My favorite tool Trello recently started using the Incapsula CDN service.
If this post has not answered all of your questions about how a CDN works, do ask in the comments below. If I do not already know the answer, I will get answers for anyone who asks.