Introduction

Medianova is a global provider of Content Delivery Network (CDN) and cloud security services designed to accelerate and secure digital experiences. With over 50 data centers across 21 countries, it helps businesses deliver fast, reliable websites, applications, and APIs while ensuring high performance and robust security.

Key Services and Concepts

1. CDN (Content Delivery Network) A CDN optimizes content delivery by distributing it across multiple servers around the world. Medianova's CDN service ensures that content such as images, stylesheets, and scripts are delivered efficiently by caching static assets at strategically located servers. This minimizes latency and improves page load times for users.

2. Static CDN The Static CDN service is specifically designed to optimize the delivery of static content. By caching assets globally, it ensures that users receive content from the nearest server, drastically reducing load times and enhancing performance. Integration is simple, with users needing only to update asset URLs and configure settings via the Medianova platform.

3. Dynamic Content Caching Dynamic content, generated per user request, can be resource-intensive. Medianova's microcaching system allows for caching dynamic content (e.g., API responses or web pages) for brief periods, thus reducing server load and improving page speeds. This helps reduce bandwidth costs while enhancing the user experience.

4. Live Streaming Medianova provides high-quality live streaming with adaptive streaming technology. This ensures optimal video quality across devices, from desktop to mobile, while maintaining seamless playback. The platform integrates with major social media platforms for broader reach. Security features, including encryption and access controls, ensure that content is protected and accessible only to authorized users.

5. Private CDN For organizations requiring greater control, the Private CDN offers flexible, secure, and high-performance content delivery. It provides businesses with tailored solutions that allow enhanced security and content distribution management.

6. Image Optimization Medianova offers real-time image optimization. This feature allows on-the-fly image transformations such as resizing, cropping, and watermarking through simple URL calls. It also supports responsive images, ensuring that content is tailored for different devices and screen sizes, contributing to faster load times and better user experiences.

7. Stook - Cloud Object Storage Stook is Medianova's cloud object storage solution that enables businesses to store, manage, and retrieve data quickly and reliably. It is S3-compatible and eliminates the traditional barriers of egress and transaction fees, making it a cost-effective choice for scalable storage needs.

8. SSL Encryption Secure Socket Layer (SSL) ensures encrypted communication between a server and a client. Websites with SSL certificates are considered secure, and this encryption is critical for e-commerce platforms, where security is a primary concern for users.

9. Medianova WAF (Web Application Firewall) Medianova's WAF actively monitors all incoming web traffic to detect and block malicious patterns before they can affect web assets. With predefined Managed Rules, enabling these rules offers immediate protection against various security threats.

10. DDoS Protection Medianova's DDoS protection system is always active, offering continuous defense against common attack types, such as DNS Query Floods, SlowLoris, and HTTP floods. It includes several mitigation strategies, including rate limiting, IP blocking, and geoblocking, ensuring minimal disruption to services during attacks.

Conclusion

Medianova combines advanced caching, acceleration, and security features to help businesses create fast, reliable, and secure digital solutions. With global infrastructure, robust security, and easy integration, Medianova empowers businesses to deliver superior user experiences while ensuring high performance and protection against a wide range of threats.

Comprehensive CDN documentation and API references, with integration, troubleshooting, and developer guides across all Medianova services.

Learn how to integrate and optimize your workflows with our detailed API documentation.

A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt normal traffic by overwhelming a target system or network with excessive requests. Medianova’s DDoS Protection automatically detects and mitigates these attacks without requiring any manual activation. From rate limiting to IP and Geo blocking, Medianova ensures uninterrupted availability even under heavy attack conditions.

How Medianova DDoS Protection Works

Medianova integrates several protection layers designed to stop attacks before they impact your services.

Always-On Defense

Your DDoS protection is active by default. There is no need for additional setup — your web assets are continuously monitored and protected against common attack types such as:

• DNS Query Floods

• Slowloris Attacks

• HTTPS GET / POST Floods

Anycast DNS Infrastructure

Medianova’s global distributes thousands of requests across multiple servers. This prevents traffic overload on a single endpoint and mitigates large-scale network floods.

IP and Origin Protection

You can reduce the risk of DDoS threats by concealing your origin IP before an attack begins. Medianova provides an extra layer of protection through Secure Cloud, limiting exposure of your origin infrastructure and filtering harmful traffic before it reaches your servers.

Warning: Exposing your origin IP directly allows attackers to bypass DDoS mitigation layers.

Rate Limiting and Geo Blocking

Edge-level rate limiting and Geo-based filtering restrict malicious or excessive traffic patterns. This ensures that legitimate users maintain access while harmful requests are dropped early in the network path.

WAF Integration

When combined with Medianova’s , DDoS Protection forms a complete multi-layer defense system. This integration protects not only against volumetric attacks but also against application-layer threats, such as bot floods or malicious payloads targeting web applications.

Best Practices

• Conceal your origin IP using Secure Cloud or Origin Shield.

• Combine DDoS Protection with WAF for enhanced multi-layer defense.

• Keep critical DNS zones under to distribute load globally.

• Regularly review threat and access logs to identify abnormal patterns.

Medianova DDoS Protection delivers continuous and intelligent protection against both volumetric and application-layer attacks. By combining global Anycast DNS distribution, adaptive rate limiting, and origin shielding, Medianova ensures your online services remain fast, secure, and always available.

You can try Medianova for 1 month without needing a credit card or any commitments. Your account will be activated automatically. If you need more features or help, our sales team is ready to assist you.

The trial includes important features like Static CDN and Dynamic CDN, which make sure your website content loads faster by delivering it from the closest server. The Web Application Firewall (WAF) lets you create custom security rules to protect your site from harmful traffic. You also get Standard DDoS Protection to keep your website safe from attacks that try to overload it with too much traffic.

The Global Anycast DNS feature improves your site’s DNS performance by directing traffic to the nearest server, which helps reduce loading times. The Purge feature allows you to quickly remove outdated content from all servers so your website shows updates instantly. You can also use page rules to control how your content is cached, forwarded, and secured, giving you more control over how the CDN handles your site.

For more advanced features and support, you can explore our premium packages for better options suited to your needs.

How to Activate Your Free Trial:

• Visit the .

• Fill in the fields for your name, email address, and password.

• Click the Next button.

• Enter the verification code sent to your email.

Your Free Trial has now started successfully.

Key Features to Explore:

• Static CDN

• Dynamic CDN

• Web Application Firewall

• DDoS Protection

Need a Helping Hand?

For additional support, contact us at .

A .pfx (PKCS#12) file contains your public certificate, private key, and intermediate certificates bundled together. This guide explains how to extract the certificate (.crt) and private key (.key) using a simple Bash script with OpenSSL.

Prerequisites

Before you begin:

• A valid .pfx file provided by the customer.

• The password for the .pfx file.

• OpenSSL installed on your local machine.

• (Optional) Rename the file for clarity using this format: domain.pfx — for example: medianova_com.pfx.

This procedure automates the extraction of certificate and key files from .pfx bundles. You can now use the generated .crt and .key files to upload your own SSL certificate in the Medianova Control Panel.

Secure Socket Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols that provide encrypted communication between clients and servers. They ensure data privacy, integrity, and authentication—protecting your website and CDN-delivered assets against interception or tampering.

Over time, the traditional HTTP protocol evolved into HTTPS, which uses SSL/TLS encryption to secure all data exchanged between users and websites. Medianova CDN supports HTTPS by default and allows you to manage SSL certificates directly through the platform.

Why SSL/TLS Matters

• Confidentiality: Encrypts all client–server communications.

• Integrity: Prevents data alteration or man-in-the-middle attacks.

• Authentication: Confirms your site’s identity through trusted Certificate Authorities (CAs).

• Trust & SEO: HTTPS improves user confidence and search engine ranking.

Supported SSL Certificate Types

Medianova CDN supports all common SSL/TLS certificates. Choose the one that fits your infrastructure and domain structure.

How SSL/TLS Works on Medianova CDN

1. A user requests your content via HTTPS.

2. The CDN edge node presents a valid SSL/TLS certificate.

3. Encrypted communication is established between the client and the edge server.

4. The edge communicates securely with your origin server (if origin SSL is configured).

Best Practices

• Always use HTTPS for all CDN-enabled resources.

• Prefer TLS 1.3 for stronger encryption and faster handshakes.

• Keep certificates renewed before expiration to avoid service disruption.

• Use Wildcard or SAN certificates to simplify certificate management.

‏‏‏‏‏‏‏‏

The HTTP protocol defines a standardized set of status codes to communicate the outcome of a client’s request. These codes indicate at which stage the request stands or why it may have failed. They fall into five primary categories:

1xx Informational

These codes indicate that the request was received and the process is continuing. They do not finalize the HTTP transaction — the client must wait for or send more data.

2xx Success

These codes indicate that the client’s request was successfully received, understood, and accepted.

3xx Redirection

These codes indicate that further action needs to be taken by the client in order to complete the request. Usually involves following a different URI.

4xx Client Error

These codes indicate that the client seems to have made an error. The server understood the request, but it cannot or will not process it due to something that is perceived to be a client problem.

5xx Server Error

These codes indicate that the server failed to fulfill a valid request. The problem is on the server side, not the client's.

References

• RFC 7231: HTTP/1.1 Semantics and Content (core HTTP methods, standard status codes)

• RFC 7235: HTTP/1.1 Authentication (401 Unauthorized, 407 Proxy Authentication Required and authentication mechanisms)

• RFC 6585: Additional HTTP Status Codes (defines 429 Too Many Requests, 431 Request Header Fields Too Large

Geoblocking allows you to control which countries can access your content through the . By enabling this feature, you can restrict or allow requests based on the visitor’s geographic origin, helping you comply with regional policies and protect your digital assets.

The Robots.txt File feature determines whether search engines receive a robots.txt file from the CDN and which source the file is taken from. This allows you to enable crawling for all files or defer crawling rules to your origin.

You can manage Robots.txt File settings in the or via .

Log in to the Medianova Control Panel, select a CDN resource in the CDN section, and navigate to the Caching tab.

Configure Robots.txt File

Choose how the CDN should provide the robots.txt file for the selected resource.

Hotlink Protection restricts access to your CDN Resource by verifying the Referer header in each HTTP request. When enabled, it ensures that only requests originating from your allowed domains can retrieve content from your CDN. Requests coming from unauthorized sources — such as external websites directly embedding your files — are blocked or redirected automatically.

Why Use Hotlink Protection?

Hotlink Protection helps you:

IP Restriction (Access Control List – ACL) allows you to manage which IP addresses can access your CDN Resource. You can choose between two modes: Whitelist or Blacklist, to define how access is granted or denied.

• Whitelist Mode: Only the IP addresses you specify are allowed to access your resource. All other IPs are denied.

• Blacklist Mode: The IP addresses you specify are denied access. All other IPs are allowed.

The Advanced Origin Settings feature provides a flexible and efficient way to configure content routing for dynamic resources. It allows you to define specific rules for routing requests to your origin server based on criteria such as URIs, protocols, domains, ports, and more. This functionality is particularly valuable for delivering dynamic content where precision and adaptability are crucial.

Key Benefits

• Optimized Routing for Dynamic Content: Ensures requests for frequently changing or personalized content are routed efficiently to the origin server.

Medianova’s CDN uses specific IP address ranges to fetch content from your origin servers. If your origin server uses a firewall or IP-based access controls, you must allow all addresses listed below to ensure reliable access from Medianova edge servers. This allows the CDN to retrieve and deliver your content securely and efficiently.

Available Formats

Origin Response Timeout defines the maximum time the CDN waits for an HTTP(S) response from your origin server. If the origin does not respond within the configured duration, the CDN returns a 504 Gateway Timeout.

Adjusting this timeout helps maintain predictable performance and prevents long wait times caused by slow origin responses.

You can manage Origin Response Timeout using the or .

In the Medianova Control Panel, go to CDN Resources, select your resource, and navigate to Origin Settings.

The Origin Host Header feature allows you to define a custom domain to be sent in the Host header of requests forwarded to your origin. Many origin servers rely on the Host header for routing, virtual hosting, or tenant identification. When this option is enabled and a domain is provided, the CDN replaces the default host value with the one you specify.

The feature does not modify viewer-facing responses and does not affect caching behavior.

How Origin Host Header Works

You can configure X-CDN Header in the or via

In the , select the appropriate CDN resource, navigate to the Optimization tab and select Text Optimization.

The page shows two content blocks, one for Brotli Compression and one for Gzip Compression:

The following steps apply to both Brotli Compression and Gzip Compression.

Shared Cache allows multiple accounts or domains to use the same cache structure by applying a Domain Cache Key. When set to Share, identical content is cached only once and served across participating accounts, improving efficiency and reducing redundant origin requests. When set to Default, each account maintains its own isolated cache.

You can manage Shared Cache in the Medianova Control Panel or via API.

Log in to the Medianova Control Panel, select a CDN resource in the CDN section, and navigate to the Caching tab.

Configure Shared Cache

Behaviour

• When set to Share, CDN edge nodes use the same cache namespace for resources that match the Domain Cache Key.

• Cache hits increase across accounts that serve identical content.

• Changing the status does not purge existing cache; behavior changes apply to future caching operations.

• When set to Default, each account's cache becomes isolated again.

FAQ

Does enabling Shared Cache expose content from one customer to another? No. Shared Cache only applies where explicit Domain Cache Key alignment exists and is intentionally configured.

Does switching from Default to Share purge existing cache? No. Existing cached content expires naturally according to its TTL.

When should Shared Cache be enabled? It is beneficial when multiple accounts deliver the same static assets (e.g., white-label platforms, partner domains).

Query String Caching defines how URLs containing query parameters are interpreted by the CDN cache. You can cache each query string variant separately, ignore selected query strings, or build the cache key using only specific parameters.

You can manage Query String Caching in the Medianova Control Panel or via API.

Log in to the Medianova Control Panel, select a CDN resource in the CDN section, and navigate to the Query String Caching section under the Caching tab.

Configure Query String Caching

This workflow defines the primary caching behavior for URLs containing query strings.

Configure Ignore Specific Query Strings

Exclude selected query string parameters so they do not create separate cached variants.

Cache Specific Query Strings Only

Build the cache key using only selected parameters and ignore all others.

Behaviour

• On: The CDN caches each unique query string as a separate variant.

• Off: Query strings are ignored; all variants map to a single cached object.

• Request URI: The full request URI is used as the cache key.

• Ignore Specific Query Strings: Excluded parameters do not contribute to the cache key.

FAQ

Do ignored parameters count toward the cache key? No. Ignored parameters never create new cache variants.

Can both Ignore and Cache Specific modes be enabled together? No. Only one mode can be active.

What happens if all modes are Off? All query variations serve the same cached response.

Does enabling On increase cache fragmentation? Yes. Each query combination creates a separate cached object.

Origin SNI Request enables the CDN to send the correct Server Name Indication (SNI) value when establishing SSL/TLS connections with your origin. This ensures that the origin server selects the appropriate SSL certificate, especially when hosting multiple domains on the same IP address.

Enabling this feature improves compatibility and prevents certificate mismatch errors during HTTPS communication.

You can manage Origin SNI Request using the Medianova Control Panel or API.

In the Medianova Control Panel, go to CDN Resources, select your resource, and navigate to Origin Settings.

Configure Origin SNI Request

Follow the steps below to enable and configure Origin SNI Request for your CDN Resource.

How SNI Works

During an SSL/TLS handshake, the CDN includes the SNI extension, which specifies the domain name requested by the client. This allows the origin server to:

• Select the correct SSL certificate

• Support multiple domains on a shared IP

• Avoid certificate mismatch errors

When to Enable Origin SNI Request

Use this setting when:

• Your origin serves multiple HTTPS domains from the same IP

• The origin requires SNI to present the correct SSL certificate

• You encounter HTTPS 421 or certificate mismatch errors

What Happens if the Setting is Disabled

If SNI is not sent:

• The origin may return the wrong SSL certificate

• HTTPS validation may fail

• Dynamic requests may intermittently fail under multi-domain hosting setups

Troubleshooting

Issue: HTTPS requests fail with certificate mismatch. Cause: The origin returned the default certificate instead of the certificate for the requested domain. Fix: Enable Origin SNI Request and enter the correct domain.

Issue: Origin returns 421 Misdirected Request. Cause: The origin requires SNI to route the request to the correct virtual host. Fix: Ensure the SNI domain matches the vhost configuration on the origin.

Issue: Requests fail after enabling SNI. Cause: Incorrect domain entered in the Origin SNI Request Domain field. Fix: Confirm that the domain matches a valid certificate installed on the origin.

Rate Limiting helps you maintain stable application performance by controlling how many requests a client can make in a given time frame. It protects against excessive API calls, brute-force attempts, and high-frequency requests that can degrade origin performance or service quality.

With Medianova’s edge-level implementation, rate limits are applied directly at the CDN layer — before the traffic reaches your origin servers — ensuring both reliability and efficiency.

Rate Limiting is available for Dynamic CDN Resources and can be configured per domain, path, or file extension through the Medianova Control Panel.

Why Use Rate Limiting?

Rate Limiting ensures a secure, predictable, and efficient experience for all users by:

• Preventing abuse or overload from bots or aggressive clients.

• Protecting login endpoints and API gateways from brute-force attacks.

• Ensuring fair bandwidth distribution among users.

• Preserving origin stability and avoiding unnecessary compute or database load.

Key Features

• Customizable Limits – Define request thresholds per second or minute to suit your application.

• Edge-Level Enforcement – Limit requests at the CDN edge, preventing overload before it reaches your origin.

• Burst Control Options – Configure how short bursts of requests are handled:

Use Cases

• API Protection – Prevent abuse of public APIs and ensure consistent response times.

• Authentication Endpoints – Limit login attempts to protect user accounts.

• Download or Media Control – Restrict large file or video download frequency to optimize CDN performance.

• E-commerce Traffic Shaping – Manage checkout or cart requests during high-traffic campaigns.

Built for Performance

Medianova’s Rate Limiting operates at the edge, ensuring minimal latency and zero impact on normal user experience. By combining adaptive enforcement, path-based rules, and real-time analytics, it enables granular control over how traffic interacts with your CDN — keeping your applications fast, fair, and secure.

Edge Cache Expiration controls whether CDN edge servers cache an object and how long the cached content remains valid before it must be refreshed from the origin.

It defines the caching behavior applied at the edge, including modes that disable caching entirely or defer expiration settings to the origin.

You can manage Edge Cache Expiration in the Medianova Control Panel or via API.

Configure Edge Cache Expiration

Use this workflow to define how the CDN determines cache duration and applies expiration rules on edge servers.

• A value of 0 disables caching for both Edge and Origin modes.

• Dynamic mode always bypasses caching on edge servers.

• These settings do not impact browser caching; use for client-side caching behavior.

Best Practices

• Apply long TTL values for static assets such as images, fonts, CSS, and JavaScript.

• Use shorter TTL values for frequently updated or dynamic endpoints.

• Monitor edge cache hit ratios to optimize performance and origin load.

Range Based Caching allows the CDN to cache and deliver content in byte-range segments rather than requiring the entire file to be fetched or cached. This improves performance for large files such as videos, archives, or software downloads by serving only the requested portions.

You can manage Range Based Caching in the Medianova Control Panel or via API.

Select a CDN resource in the CDN section, and navigate to the Caching tab.

Configure Range Based Caching

Behaviour

• The CDN caches content in fixed-size byte segments defined by Segment Size.

• Requests for ranges within the same segment are served directly from cache.

• Useful for video playback, downloads, and large binary files where clients request only parts of a resource.

• A smaller segment size increases cache precision but may increase the number of stored segments.

FAQ

Does Range Based Caching improve video streaming performance? Yes. It prevents the CDN from fetching the entire file when only a portion is requested, improving responsiveness.

What happens if I change the Segment Size? New segment size applies only to future cached segments. Existing segments remain until evicted.

Is this feature required for byte-range requests to work? Byte-range requests work regardless, but enabling Range Based Caching ensures partial responses can come from cache instead of the origin.

The X-XSS Protection feature adds the X-XSS-Protection header to viewer responses. This header instructs compatible browsers to enable their built-in XSS filtering mechanisms. While most modern browsers now ignore this header, the setting can still provide protection for legacy browsers that rely on it.

The feature does not modify origin requests or affect CDN caching behavior.

How X-XSS Protection Works

You can configure X-CDN Header in the Medianova Control Panel or via API

When enabled:

• The CDN adds the following header to viewer-facing responses:

• Browsers that still support the header will block pages that trigger reflected XSS heuristics.

• If disabled, the CDN does not include the header, and browsers revert to their default behavior.

This feature is primarily relevant for environments that depend on legacy browser compatibility.

Use Cases

Legacy browser support

Provide reflected-XSS filtering for older browsers that still honor the header.

Controlled security posture

Ensure consistent browser behavior across mixed device environments or corporate networks with outdated browser fleets.

Notes

• Modern browsers (Chrome, Edge, Safari) ignore X-XSS-Protection and instead rely on CSP (Content-Security-Policy) for XSS mitigation.

• This feature affects only viewer responses, not origin requests.

• Enabling the header does not prevent stored or DOM-based XSS attacks.

The X-CDN Header feature adds an X-CDN header to requests that are forwarded from the CDN to your origin. This allows your origin to identify that the request is coming through Medianova CDN, which can be useful for logging, routing decisions, and origin-side analytics.

How X-CDN Header Works

You can configure X-CDN Header in the or via

When the X-CDN Header toggle is enabled:

• The CDN adds the X-CDN header to the origin request during the fetch operation.

• Your origin receives every request with this header included.

• The header allows your origin to distinguish CDN-proxied traffic from direct client traffic.

• The behavior applies to all request types because insertion occurs before the origin fetch.

This feature is passive and does not alter cache decisions, TTL behavior, Page Rules, or viewer-facing responses.

Use Cases

Origin-side analytics

Log whether a request came through the CDN layer by checking for the X-CDN header.

Conditional behavior at the origin

Apply specific logic (e.g., rate limits, routing decisions, request tagging) based on the presence of this header.

Debugging origin fetches

Verify that requests are reaching your origin through the CDN, especially when diagnosing caching or routing flows.

Notes

• The header is inserted only on the origin request.

• It is not visible to clients and does not appear in viewer-facing responses.

• Header values may differ based on internal CDN configuration.

• Enabling the header does not change caching rules, request normalization, or delivery performance.

1. The IP address of the CDN URL shared with you by the Medianova Technical Sales team or created via a Free trial can be found as follows.

• The CDN URL is pinged by opening the Command Prompt. (CDN URL = <zone_name>.mncdn.com)

Example: ping <zone_name>.mncdn.com

1. The IP address retrieved above is written to the “host” file of your computer.

• Open the Run tab by pressing the Windows key + R.

• Type system32 in the search bar and click ok.

• On the screen that opens, navigate to the drivers folder and open it.

• Navigate to the etc folder in the “drivers” folder and open it.

• Add the IP address you obtained in the first step and the website you want to reach using this IP address and save the file as shown below.

• Clear the browser cache. Make a request to the page by typing in the address bar. After opening the page, right-click on an empty area and select inspect. The Network tab will open. Verify that the .html file comes from Medianova when you see the MNCDN description under the Server tab.

The Error Status Code Cache Expiration feature in the Medianova Cloud Panel for dynamic content allows you to cache error responses (such as 404, 500, etc.) generated by dynamic content for a specified duration. This helps manage error handling efficiently by reducing unnecessary load on the origin server and optimizing cache usage.

Key Features

• Cache Error Status Codes: You can define a set of dynamic error codes (e.g., 404, 500) and specify a cache duration for each. By caching these error responses, you prevent the origin server from repeatedly processing the same error conditions, reducing server load and improving overall performance.

• Removal of Caching Definition: If you decide that certain error codes should no longer be cached, you can remove their definitions. Requests for these error codes will then bypass the CDN cache and go directly to the origin server. However, cached error content will remain in the cache until the specified cache duration expires, ensuring that the system operates smoothly during transitions.

By configuring Error Status Code Cache Expiration for dynamic content, you can control how error responses are handled and cached, reducing server strain while still allowing for accurate error management when needed. This feature is especially useful for error pages that are generated dynamically, such as custom 404 pages or server error responses, where frequent caching can save resources without compromising on error response accuracy.

How to Configure Error Status Cache Expiration

1. Click on the CDN Resources section in the left-hand menu of the Cloud panel.

2. Select the relevant resource.

3. Click on the Caching tab.

4. Navigate to the Error Status Code Cache Expiration section in the Medianova Cloud Panel.

1. Click the Add button to create a new definition.

   • Cache Time: Specify the cache duration for the error code (in seconds).

   • Status Code: Enter the HTTP status code(s) that you want to cache (e.g., 404, 500, etc.).

   • Add Multiple Definitions

The Edge Cache Expiration setting in the Medianova Cloud Panel for dynamic content allows you to control how long dynamically generated content is cached on the CDN edge servers before it expires. This setting helps to strike a balance between performance and freshness, ensuring that dynamic content is served quickly from the edge servers while still allowing for real-time updates from the origin server when needed.

Key Features

• Cache Type: For dynamic content, the cache type ensures that content is cached at the edge servers but can be dynamically retrieved from the origin server as necessary. This ensures that frequently accessed dynamic resources are delivered quickly, while also ensuring the content remains up-to-date when needed.

• Cache Time Configuration: Define the expiration time for dynamic content cached on the edge servers. You can set specific expiration times based on the nature of the dynamic content, ensuring that data is refreshed based on its update frequency. When both edge and origin cache settings are used, the system will prompt you to define cache expiration for each to optimize delivery.

By adjusting the Edge Cache Expiration for dynamic content, you can enhance performance by serving cached content quickly while ensuring that any real-time or user-specific data is always up-to-date. This is especially useful for content that changes frequently, such as user profiles, real-time data, or personalized resources.

How to Configure Edge Cache Expiration

1. Click on the CDN Resources section in the left-hand menu of the Cloud panel.

2. Select the relevant resource.

3. Click on the Caching tab.

4. Navigate to the Edge Cache Expiration section in the Medianova Cloud Panel.

1. Select Cache Type: Choose edge-origin-dynamic as the cache type.

2. Define Cache Expiration Time: When both edge and origin cache settings are enabled, you will be prompted to specify the cache expiration time for both. Set the expiration time according to your needs.

3. Once you’ve configured the expiration time, click Save to apply the changes.

By setting the Edge Cache Expiration, you can ensure that content is efficiently cached on the edge servers while still allowing for timely updates from the origin server when required.

The Cookie-Base Cache feature in the Medianova Cloud Panel enables caching decisions based on specific cookies. This feature allows you to define multiple cookie values, ensuring that content caching aligns with different user sessions and dynamic content requirements.

Key Features

• Cache Based on Specific Cookies: When enabled, this feature ensures that caching behavior is determined by the presence and values of specified cookies. This is particularly useful for personalizing content or delivering dynamic resources based on user-specific data.

• Support for Multiple Cookies: You can define multiple cookies to fine-tune caching strategies for diverse user interactions. Each cookie value can influence how the cache is managed for specific scenarios.

How to Configure Cookie Base Cache

1. Navigate to the CDN Resources section in the left-hand menu of the Medianova Cloud Panel.

2. Select the relevant resource.

3. Click on the Caching tab.

4. Scroll down to the Cookie-Based Cache section.

Important Notes

• Dynamic Content Optimization: This feature helps deliver personalized or session-specific content by adjusting caching behavior based on user cookies.

• Multiple Cookie Values: Define as many cookie values as necessary to address the caching needs of your application.

By configuring the Cookie-Based Cache settings, you can ensure a seamless user experience while optimizing caching for dynamic and personalized content delivery.

WAF is Medianova’s intelligent web security layer that protects your applications from malicious traffic, bots, and exploits. With real-time filtering, custom rule control, and built-in analytics, it helps you prevent attacks before they reach your origin servers.

Why Choose WAF?

Medianova WAF combines ease of use, robust protection, and edge-level performance to keep your web applications secure. Unlike standard firewalls, WAF protects against both network and application-layer attacks.

• Edge-level protection – All traffic is filtered at Medianova’s global CDN edge before it reaches your origin.

• Managed Rules – Constantly updated rulesets by Medianova’s Security Team, including OWASP Top 10 protections.

• Custom Rules – Define your own rules to block, allow, or log specific requests.

• Real-time defense – Detect and mitigate attacks instantly without affecting legitimate traffic.

Key Features

• OWASP Top 10 Protection – Shields against SQL Injection, XSS, and other common web vulnerabilities.

• Custom Rule Engine – Create granular policies based on IP, URI, headers, or user agents.

• Monitoring Mode – Observe how rules behave before full activation.

• Instant Mitigation – Block or log attacks in real time with no latency impact.

Use Cases

• Web Application Security – Protect public websites and portals from injection and XSS attacks.

• API Protection – Filter and control requests to your backend APIs.

• E-commerce Security – Prevent data breaches, bot abuse, and checkout exploitation attempts.

Built for Modern Web Security

Medianova WAF delivers enterprise-grade web protection that’s easy to deploy and manage through the . It helps you stay secure without adding complexity — protecting your applications from the edge, in real time.

Page Rules trigger one or more actions on an incoming request to Medianova CDN whenever a defined URL pattern is matched.

Page Rules are available in the Medianova Panel for any CDN resource in the Page Rules tab.

Available settings for Page Rules include Cache Type, Custom Header, Geoblocking and more.

Availability

Page Rules can be configured foror CDN resources of type Small, Dynamic, Large & VOD.

The default number of allowed page rules depends on the package as shown below.

Priority Order Matters

Only one Page Rule will trigger per URL, that is the the matching page rule with the highest priority.

In the Medianova Panel, Page Rules are sorted top-to-bottom from highest priority to lowest priority. For this reason, we recommend ordering your rules from most specific to least specific.

The Origin Response Timeout setting in the Medianova Cloud Panel allows you to control how long the system waits for a response from your origin server before marking the request as failed. In dynamic content delivery, where requests often depend on real-time data or API responses, managing timeout settings becomes critical to ensure responsiveness and maintain performance.

Key Features

• Customizable Timeout Duration Set a specific time (in seconds) for the system to wait for responses from your dynamic origin server.

  • Min: 5 seconds

  • Max: 300 seconds

• Dynamic Content Optimization Adjust timeout settings to account for real-time backend processing or API response variability, balancing performance and availability.

• Improved Request Efficiency Reduce failed requests and latency by defining appropriate timeout values for dynamic origin servers.

Key Benefits

• Real-Time Performance: Ensures dynamic requests complete within acceptable timeframes, even under variable load.

• Optimized API Handling: Prevents unnecessary failures when API responses require slightly longer processing.

• Enhanced User Experience: Reduces delays for end users, ensuring that dynamic content is delivered seamlessly.

How to Configure Origin Response Timeout

1. Click on the CDN Resources section in the left-hand menu of the Cloud panel.

2. Select the relevant resource.

3. Click on the Origin Settings tab.

4. Navigate to the Origin Response Timeout section in the Medianova Cloud Panel.

1. Set the Timeout Duration: In the Origin Response Timeout section, set the timeout value between 5 seconds and 300 seconds, according to your needs.

2. After adjusting the timeout, click Save to apply the new settings.

By configuring the Origin Response Timeout, you can optimize the time the system waits for a response, ensuring that requests are handled efficiently without unnecessary delays.

The Etag Verification feature in the Medianova Cloud Panel for dynamic content allows the CDN to validate cached dynamic content against the origin server using entity tags (ETags). This ensures that the dynamically generated resources are up-to-date and that the CDN only refreshes the cache when the content has changed, optimizing both performance and accuracy.

Key Features

• Etag Validation:

  • When enabled, the Etag header is used to check the validity of cached dynamic content. This ensures that the content served from the CDN is always synchronized with the most recent version from the origin server. The Etag helps prevent the delivery of outdated or incorrect content, especially for dynamic resources that might change frequently based on user interactions, session data, or real-time information.

By using Etag Verification for dynamic content, you ensure that the CDN serves the freshest version of dynamic resources without unnecessarily re-fetching them from the origin server, improving load times and resource utilization. This is especially beneficial for dynamic content that changes often, such as personalized data, real-time updates, or API responses.

How to Enable Etag Verification

1. Click on the CDN Resources section in the left-hand menu of the Cloud panel.

2. Select the relevant resource.

3. Click on the Caching tab.

4. Navigate to the Etag Verification section in the Medianova Cloud Panel.

The Enable Gzip from Origin setting lets Medianova CDN fetch gzip-compressed content directly from your origin using the Accept-Encoding: gzip header. When enabled, the CDN retrieves already-compressed versions of text-based files such as .js, .css, and .txt instead of fetching and compressing them again.

This reduces origin data transfer and improves delivery performance.

You can enable this feature via or API

Enable Gzip from Origin

Medianova CDN starts sending the Accept-Encoding: gzip header to your origin for eligible file types.

Troubleshooting

The Stale Cache feature in the Medianova Cloud Panel for dynamic content allows you to serve previously cached content when certain HTTP error codes or an "Updating" status is encountered. This ensures continuous availability of content, even during temporary issues with the origin server or while content is being updated.

Key Features

• Maintain Availability: The Stale Cache feature allows you to serve cached content when the origin server is temporarily unavailable or encounters specific error codes (such as 500 or 503). This ensures that users can still access content without disruption, even if the origin server is experiencing issues.

• Customizable Error Triggers: You can define which HTTP error codes or the "Updating" status will trigger the use of stale cached content. This allows you to customize when the CDN should serve cached content instead of waiting for a fresh response from the origin server.

• Improved User Experience: By serving stale cached content during backend disruptions, the Stale Cache feature minimizes downtime and ensures users continue to have access to content. This is particularly useful for dynamic content that might be subject to frequent changes or when there are temporary delays in fetching new data from the origin server.

The Stale Cache feature helps enhance reliability and user experience by reducing the impact of origin server downtime or content updates, ensuring that users are always able to access content with minimal interruptions.

Supported Triggers:

You can configure the system to serve stale cached content when any of the following statuses are detected:

• Updating: Triggered when content is in the process of being updated.

• HTTP_500: Internal Server Error.

• HTTP_502: Bad Gateway.

• HTTP_503: Service Unavailable.

How to Configure Stale Cache

1. Click on the CDN Resources section in the left-hand menu of the Cloud panel.

2. Select the relevant resource.

3. Click on the Caching tab.

4. Navigate to the Stale Cache section in the Medianova Cloud Panel.

SSL/TLS certificates enable encrypted HTTPS communication between users and CDN Resources. You can upload your own certificate, use Medianova’s shared SSL, or activate a free certificate provided by Let’s Encrypt.

Redirect Handle From Origin allows the CDN to modify request or response headers when the origin returns a 3xx redirect.

You can select which redirect codes to handle and optionally add or modify headers sent during redirection.

This provides greater control over origin-driven redirects and ensures consistent client behavior.

You can manage Redirect Handle From Origin using the or the .

In the , go to CDN Resources, select your resource, and navigate to Origin Settings

WAF (Web Application Firewall) enhances your website’s security by inspecting and filtering incoming HTTP/HTTPS traffic. You can enable it for any Dynamic CDN Resource, select the protection mode, and create Custom Rules to detect and block malicious requests.

Error Status Code Cache Expiration defines how long selected HTTP error responses (such as 404 or 500) stay valid in the CDN cache. This reduces repeated requests to the origin when the same error occurs frequently.

You can manage Error Status Code Cache Expiration in the or via .

Select a CDN resource in the CDN section, and navigate to the Caching tab.

Configure Error Status Code Cache Expiration

Stale Cache allows CDN edge servers to deliver the last cached version of an object when the origin becomes temporarily unavailable. This includes conditions such as 500–504 errors, invalid headers, timeouts, forbidden responses, or an Updating status. Enabling Stale Cache helps maintain availability and ensures continuity of service during short-term origin instability.

You can manage Stale Cache in the or via .

Log in to the Medianova Control Panel, select a CDN resource in the CDN section, and navigate to the Stale Cache.

Configure Stale Cache

This workflow defines which origin responses allow the CDN to serve stale cached content.

Prefetch allows you to pull specific files from your origin into the CDN cache before any user requests them. Use this feature to eliminate cache misses, reduce origin load, and ensure fast delivery to the first users.

You can initiate Prefetch via the or .

Mobile Device Cache allows the CDN to generate different cache entries based on the detected device type. This ensures that each device category receives appropriately formatted content without cache conflicts.

The feature also forwards device information to your origin using the X-DEVICE and X-MOBILE headers.

You can manage Mobile Device Cache in the

Log in to the , select a CDN resource in the CDN section, and navigate to the Caching tab.

Enable Mobile Device Cache

Gzip and Brotli compression reduces file sizes by up to 80% for common content types like HTML, CSS and JavaScript, leading to faster load times and improved user experience. This not only enhances website performance and improves SEO / Core Web Vitals, but also decreases bandwidth usage, saving CDN costs and ensuring efficient content delivery.

Compression at the Edge

Gzip compression happens at Medianova Midcache servers, which is then passed on to the Edge servers. Both the Midcache and Edge servers may cache the Gzip compressed content for faster delivery of next responses. Edge servers perform Brotli compression on-the-fly when requested by the client.

Medianova delivers content with Gzip compression, Brotli compression or no compression depending on:

You can manage Purge operations in the or via .

Log in to the , select a CDN Resource in the CDN section, and navigate to the Purge tab.

Purge Cached Files

Purge instantly invalidates cached content across all Medianova CDN cache layers. Use this feature when updated content is not yet reflected or when outdated assets need to be refreshed.

The Query String Caching feature in the Medianova Cloud Panel for dynamic content allows you to manage how query strings are handled and cached by the CDN. For dynamic content, query strings often carry important parameters, such as user-specific data, filters, or session identifiers. With this feature, you can control how variations of a dynamic URL with different query strings are cached separately or treated as the same resource.

Key Features

• Enable Query String Caching: When enabled, each unique query string variation of a dynamic URL will be cached separately. This allows dynamic content with different query parameters (e.g., user IDs, session tokens, or filters) to be treated as distinct cached resources, optimizing delivery for different content variations.

The X-Content-Type-Options feature adds the X-Content-Type-Options header to viewer responses. This header instructs compatible browsers not to perform MIME sniffing and to rely strictly on the Content-Type declared by the server. Disabling MIME sniffing helps reduce exposure to certain injection and cross-site scripting (XSS) vectors.

Enable Gzip From Origin allows the CDN to request text-based files from your origin using the Accept-Encoding: gzip header.

If the origin supports gzip, the CDN stores the compressed version in cache; otherwise, it stores the uncompressed response.

The X-Frame Options feature adds the X-Frame-Options HTTP response header to prevent unauthorized framing of your website. This header is commonly used to mitigate clickjacking attacks by restricting how and where your content can be embedded inside an <iframe>.

When enabled, the CDN includes the header in responses according to the configuration you provide.

How X-Frame Options Works

You can configure X-CDN Header in the or via

HTTP Strict Transport Security (HSTS) instructs browsers to connect to your domain only over HTTPS for a defined period of time. When enabled, the CDN adds the Strict-Transport-Security header to HTTPS responses, preventing protocol downgrade attacks and reducing the risk of session or cookie interception.

HSTS can also extend enforcement to subdomains and optionally request inclusion in browser preload lists.

How HSTS Protection Works

You can configure X-CDN Header in the or via

IP Restriction enables you to define which IP addresses can access your CDN Resources by using either whitelist or blacklist rules. When configured, access control is enforced at the CDN edge, ensuring that unauthorized requests are blocked before they reach your origin server.

You can enable IP Restriction for each CDN Resource in the

The Rewrite Origin URLs feature enables precise control over how dynamic requests are routed to the origin server. By defining flexible rewrite rules, you can seamlessly map public-facing URLs to complex backend structures, ensuring efficient content delivery for frequently changing or user-specific resources.

Key Features

• Match Mode Options: Define dynamic matching criteria to identify URL patterns that require rewriting. Supports regular expressions and parameter-based matching for complex routing scenarios.

1. Click on the CDN Resource menu, select the CDN Resource you created and move to the Caching menu.

1. First you need to configure the Cache Settings at the bottom of the page. Cache Type field provides two options.

The Redirect Handle From Origin feature provides advanced control over how redirects are managed between the CDN and your origin server, tailored specifically for dynamic content delivery. Redirects for dynamic content often depend on real-time variables, such as user sessions, geolocation, or API responses. This feature ensures that such redirects are handled efficiently, maintaining low latency and a seamless user experience.

Key Features

• 3xx Status Code Configuration Customize and manage HTTP status codes in the 3xx range (e.g., 301, 302, 307) to optimize redirect behavior for dynamic content. Fine-tune how redirect rules interact with personalized or session-based requests.

Cross-origin resource sharing (CORS) is a browser security mechanism that determines whether a web page can load resources from a different origin. While browsers allow cross-origin images, CSS files, scripts, iframes, and videos without restrictions, other request types — such as Ajax calls and web fonts — are blocked by default under the same-origin policy.

CORS defines how browsers and servers evaluate cross-origin requests. Medianova CDN can send the access-control-allow-origin header in HTML responses to enable controlled cross-origin access.

By default, Medianova CDN forwards any CORS-related headers sent by your origin. You only need to enable CORS Header if you want CDN edges to set or override this header.

The Shared Cache feature in the Medianova Cloud Panel for dynamic content allows you to define a Domain Cache Key, enabling multiple accounts or domains to share the same cached content. This feature helps optimize content delivery, reduces redundancy, and ensures that the same cached data is available across relevant accounts, making caching more efficient.

Key Features

• Domain Cache Key: The Domain Cache Key is used to define a shared cache structure, ensuring that multiple accounts or domains can access the same cached content. This eliminates the need to cache identical dynamic content separately for each account, thus improving caching efficiency and reducing the load on the origin server.

Static Content Delivery accelerates websites and applications by distributing static assets—such as images, CSS, and JavaScript files—across Medianova’s globally distributed CDN network. By caching content at the edge, end-users receive data from the nearest server, reducing latency and improving overall page load performance.

The Header Value-Based Cache feature in the Medianova Cloud Panel allows you to control caching behavior based on specific header values. By defining the type (deny or allow), along with the header and its corresponding value, you can precisely determine whether content should be cached.

Key Features

• Control Caching with Header Values: This feature enables caching rules to be influenced by specific header values, allowing for flexible and dynamic cache management.

The Header-Base Cache feature in the Medianova Cloud Panel enables caching decisions based on specific HTTP headers. By defining multiple header key-value pairs, you can control how content is cached depending on the request headers, allowing for advanced caching strategies tailored to your application's needs.

Key Features

• Cache Based on HTTP Headers: When enabled, this feature allows caching behavior to be determined by specific HTTP header key-value pairs, ensuring dynamic and personalized content delivery.

The Custom Header feature allows you to add, modify, or remove HTTP headers for both origin requests and CDN responses. This configuration enables fine-grained control over how headers are passed, overwritten, or stripped at different stages of the delivery flow.

When Custom Header is enabled, you can define multiple header actions, each with a specific key–value pair and rule type. All rules are executed by CDN edge servers for the selected CDN Resource.

You can configure Custom Header in the or via

Configure Custom Header