Home Security & Privacy CDN Security Best Practices

CDN Security Best Practices Cheat Sheet

TLS, WAF, and bot management

Last Updated: November 21, 2025

Focus Areas

Focus
Set TLS to TLS 1.2+ and rotate certificates
Block abusive bots with WAF rules and captchas

Commands & Queries

cloudflare certs create
Provision TLS certificates
aws cloudfront create-distribution --web-acl-id ...
Attach a WAF
fastly waf create
Create a WAF rule

Summary

Layer TLS, WAF, and bot defense at the CDN to protect downstream origin.

Related Cheat Sheets

Vault Secrets Engines

Enable engines, generate dynamic credentials, and renew leases

Incident Response

Declare incidents, contain, communicate, and learn

Node.js Security

Audit dependencies, configure CSP, and lock env variables

Passwordless Authentication

Deploy magic links, WebAuthn passkeys, and OTP flows

💡 Pro Tip: Enable TLS, WAF, and rate limits at the edge before origin hits.

Related Cheat Sheets

Browse all Security & Privacy →

← Back to Security & Privacy | Browse all categories | View all cheat sheets