Our cdn solution
What is CDN?¶
With each visit of a web page, your web browser must download all files that the site links to. If the visitor is geographically distant from the server, this can lead to significant delay in page load.
Our CDN provides cache servers in several locations. If you use the CDN, your customers do not have to download static content from your distant web server, but the much closer cache server. Thank to that, page loads are much faster.
Main advantages of CDN¶
- better loading times for visitors
- less load on your web servers
- partial protection from DDoS attacks
Locations¶
As of this time, we offer CDN in Europe, USA and globally. In Europe, we have cache servers in Prague, London, Madrid and Bucharest. For USA, we offer cache servers in New York.
When choosing a location it is necessary to keep in mind that all traffic that goes through the CDN domain/alias must go through this location. In the case where the selected site is US, this results in all visitors being routed through that location, not in the CDN being active only in the selected location. If the visitors are mainly from Europe, selecting US is probably not a good choice.
Activating the service¶
- When you order CDN service, you will be a given a CDN domain that you must use for linking to your static content. For example, if your website is example.com, the domain will be example.vshcdn.net.
- Your programmers must change static content links in your application to example.vshcdn.net.
- Thanks to anycast technology and specially configured DNS servers, visitors will always download static content from the server that is closest to them.
List of IP addresses¶
At the moment, the CDN can download static content from your servers using the following IP addresses:
93.185.110.99/32
93.185.110.100/32
93.185.110.101/32
185.198.191.147/32
204.145.66.226/32
77.81.119.26/32
86.105.155.150/32
185.115.0.0/24
77.247.124.1/32
46.243.53.13/32
Or these IPv6 addresses:
2a05:91c0:504::4571/128
2a00:1d70:ffff:ffff:ffff:ffff:ffff:1/128
2a00:1ed0:0:213::11/128
2a00:1ed0:0:213::12/128
2a00:1ed0:0:213::13/128
2a0a:54c0:0:34::2/128
2001:1980:5102:ea82::2/128
2a02:5420:1::/48
2a00:1ed0:3:1::6/128
2a00:1ed0:3:2::6/128
2a00:1ed0:3:3::6/128
2001:1980:5102:ea84::6/128
2a05:91c0:504:4571::11/128
2a00:1d70:a002::11/128
2a0a:54c1:28::6/128
2a0a:54c1:29::6/128
2a00:1ed2:1::13:1/128
2a00:1ed0:3:1::101/128
2a00:1ed0:3:2::101/128
2a00:1ed0:3:3::101/128
2001:1980:5102:ea84::101/128
2a0a:54c1:28::101/128
2a0a:54c1:29::101/128
The IP addresses can change in time. You can get list of current IP addresses at these URLs: IPv4, IPv6. The addresses are delimited by newlines ('\n').
Getting visitors' IP addresses¶
The CDN server saves visitor's original IP address in the "CDN-VSHOSTING-Real-IP" header. However, you need to configure your web server, so it trusts this header only in case the request comes from one of the CDN IP addresses. You can find their list above.
Below are example configurations:
nginx
set_real_ip_from 93.185.110.99;
set_real_ip_from 93.185.110.100;
set_real_ip_from 93.185.110.101;
set_real_ip_from 185.115.0.0/24;
set_real_ip_from 204.145.66.224;
set_real_ip_from 204.145.66.156;
set_real_ip_from 185.198.191.147;
set_real_ip_from 204.145.66.226;
set_real_ip_from 204.145.66.158;
set_real_ip_from 77.81.119.26;
set_real_ip_from 86.105.155.150;
real_ip_header CDN-VSHOSTING-Real-IP;
Apache
RPAFenable On
RPAFproxy_ips 93.185.110.99 93.185.110.100 93.185.110.101 185.115.0.0/24 204.145.66.224 204.145.66.156 185.198.191.147 204.145.66.226 204.145.66.158 77.81.119.26 86.105.155.150 RPAFheader CDN-VSHOSTING-Real-IP
Checking IP address in PHP:
function get_realip() {
$real_ip = $_SERVER[REMOTE_ADDR]
$cdn_ip = array("93.185.110.99", "93.185.110.100", "93.185.110.101", "204.145.66.224", "204.145.66.156", "185.198.191.147" "204.145.66.226", "204.145.66.158", "77.81.119.26", "86.105.155.150"); if (in_array($_SERVER[REMOTE_ADDR], $cdn_ip)) { $real_ip = $_SERVER[HTTP_CDN_VSHOSTING_REAL_IP]; } return $real_ip; }
Setting the expiration period**¶
In order to set the expiration period, you can use "Cache-Control" or "Expires" headers. "Cache-Control" has more options.
If you want to cache content for up to 10 minutes, set "Cache-Control" as following:
"Cache-Control: public, max-age=600"
Afterwards, you can you this snippet in .htaccess:
<FilesMatch "\.png$">
Header set Cache-Control max-age=3600
</FilesMatch>
The example above will let CDN cache png files for maximum of 1 hour. After this time elapses, CDN will check whether the files have been modified.
Forced cache Feature¶
To set the caching duration, we can also use the Forced Cache feature in the CDN administration. When this feature is enabled, all responses are cached for the specified duration, including those that would normally not be cached due to headers.
When this feature is enabled, the following headers are ignored, for example:
- X-Accel-Expires
- Expires
- Cache-Control
- Set-Cookie
However, the headers are not modified. The headers (including Set-Cookie
) are sent to the client in the form they were sent by the backend. Therefore, if Cache-Control: no-cache
is set, the content will still be cached on the CDN for the duration set by Forced Cache, but caching will not occur in the browser.
When using this feature, it is important to ensure that there is no dynamic content on the domain, or content whose loading causes cookies to be set via Set-Cookie
.
Adding Cache-Control in PHP¶
For setting "Cache-Control", you can use the header function:
header("Cache-Control: max-age=600");
You need to call it before any content is sent, so as early in your code as possible.
GeoIP mode¶
Using GeoIP, you can restrict access to CDN to certain countries. GeoIP can be used as blacklist or as whitelist. After choosing a mode, you can pick countries you want to block or allow from the dropdown menu. It is possible to select multiple countries.
Remote log¶
You can send CDN logs to a remote server for analysis. At the time of writing, you can only use syslog. You can specify the remote server in the "Remote Log" field in the CDN administration interface. For example "syslog://1.2.3.4" (use IP address or hostname of your server instead of 1.2.3.4). By default, the logs are sent via UDP to port 514.
Automatic conversion to WebP¶
This feature enables converting .bmp, .png, .jpg and .jpeg files (".(?:bmp|png|jpg|jpeg)$" as regular expression) to WebP when using CDN. You can find more information about WebP image format at https://en.wikipedia.org/wiki/WebP. The CDN checks browsers for WebP support via "Accept-Encoding" header. To browsers, that do not support it, it sends the original image. After turning this feature on, you need to wait for one hour until the converted files will be available. Therefore, "Cache-Control" or "Expires" need to be set to at least one hour (3600 s). If the images in question are already cached on CDN, you need to remove those first. The conversion can be turned off by vshcdn-webp-noautconvert=1 parameter in URL, or setting VSHCDN-WEBP-NOAUTOCONVERT=1 header on the backend.
When using this function, redirects are followed internally in the CDN and the image is returned to the client with the original url, in case you need the opposite behavior please contact us via ticket with the information for which domain you wish to reconfigure the functionality.
Cache-Control¶
Newly, you can remove a cached URL from CDN directly in the CDN interface. In your domains tab, you have a Cache Control button next to each domain. After clicking on it, you can either discard all cached content, or remove individual items by URL. The URL needs to be in the following format: "https://testdomain.vshcdn.net/url/to/delete". If you are using a domain alias, you need to enter it as well: "https://testdomain.com/url/to/delete". You can also use a wildcard *, but only at the end of the URL. For example, to delete all images from a directory, enter "https://testdomain.com/image/folder/*". You need to specify the protocol as well, so for complete removal, you need to enter both "http://" and "https://".
Access log¶
In the transfer history tab, you can now download access log in text format. Alternatively, you can diplay it in your browser using GoAccess.