Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Protect your applications and APIs from volumetric and protocol-based attacks with Medianova’s multi-layer, always-on DDoS mitigation system.
A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt normal traffic by overwhelming a target system or network with excessive requests. Medianova’s DDoS Protection automatically detects and mitigates these attacks without requiring any manual activation. From rate limiting to IP and Geo blocking, Medianova ensures uninterrupted availability even under heavy attack conditions.
Medianova integrates several protection layers designed to stop attacks before they impact your services.
Your DDoS protection is active by default. There is no need for additional setup — your web assets are continuously monitored and protected against common attack types such as:
DNS Query Floods
Slowloris Attacks
HTTPS GET / POST Floods
Medianova’s global distributes thousands of requests across multiple servers. This prevents traffic overload on a single endpoint and mitigates large-scale network floods.
Anycast DNS not only improves security but also reduces latency by routing users to the nearest edge location.
You can reduce the risk of DDoS threats by concealing your origin IP before an attack begins. Medianova provides an extra layer of protection through Secure Cloud, limiting exposure of your origin infrastructure and filtering harmful traffic before it reaches your servers.
Warning: Exposing your origin IP directly allows attackers to bypass DDoS mitigation layers.
Edge-level rate limiting and Geo-based filtering restrict malicious or excessive traffic patterns. This ensures that legitimate users maintain access while harmful requests are dropped early in the network path.
When combined with Medianova’s , DDoS Protection forms a complete multi-layer defense system. This integration protects not only against volumetric attacks but also against application-layer threats, such as bot floods or malicious payloads targeting web applications.
Conceal your origin IP using Secure Cloud or Origin Shield.
Combine DDoS Protection with WAF for enhanced multi-layer defense.
Keep critical DNS zones under to distribute load globally.
Regularly review threat and access logs to identify abnormal patterns.
Medianova DDoS Protection delivers continuous and intelligent protection against both volumetric and application-layer attacks. By combining global Anycast DNS distribution, adaptive rate limiting, and origin shielding, Medianova ensures your online services remain fast, secure, and always available.
Secure your CDN traffic and applications with SSL/TLS encryption to ensure private, authenticated communication between clients and servers.
Secure Socket Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols that provide encrypted communication between clients and servers. They ensure data privacy, integrity, and authentication—protecting your website and CDN-delivered assets against interception or tampering.
Over time, the traditional HTTP protocol evolved into HTTPS, which uses SSL/TLS encryption to secure all data exchanged between users and websites. Medianova CDN supports HTTPS by default and allows you to manage SSL certificates directly through the platform.
TLS is the modern version of SSL. All Medianova services use TLS 1.2 and 1.3 for enhanced security and performance.
Confidentiality: Encrypts all client–server communications.
Integrity: Prevents data alteration or man-in-the-middle attacks.
Authentication: Confirms your site’s identity through trusted Certificate Authorities (CAs).
Trust & SEO: HTTPS improves user confidence and search engine ranking.
Medianova CDN supports all common SSL/TLS certificates. Choose the one that fits your infrastructure and domain structure.
For setups serving multiple domains or subdomains, consider Wildcard or SAN-supported certificates to simplify management.
A user requests your content via HTTPS.
The CDN edge node presents a valid SSL/TLS certificate.
Encrypted communication is established between the client and the edge server.
The edge communicates securely with your origin server (if origin SSL is configured).
Always use HTTPS for all CDN-enabled resources.
Prefer TLS 1.3 for stronger encryption and faster handshakes.
Keep certificates renewed before expiration to avoid service disruption.
Use Wildcard or SAN certificates to simplify certificate management.
SAN (Subject Alternative Name)
Covers multiple domains under a single certificate.
Multi-domain architectures
Code Signing SSL
Used by developers to verify the integrity of software or drivers.
Application signing, APIs
Data is delivered end-to-end through encrypted channels.
Avoid mixed-content warnings by ensuring all assets (images, scripts) load over HTTPS.
Domain Validation (DV)
Validates domain ownership only. Simple and fast to issue.
Blogs, small websites
Organization Validation (OV)
Confirms both domain and company identity.
Corporate or business sites
Extended Validation (EV)
Highest validation level; displays organization name in browser UI.
E-commerce, financial platforms
Wildcard SSL
Secures a domain and all its subdomains (e.g., *.yourdomain.net).
Multi-subdomain services
Learn how to extract .crt and .key files from a .pfx certificate using OpenSSL.
Learn how to enable and manage free SSL certificates in the Medianova Control Panel.
Free SSL certificates provide an easy and cost-effective way to secure your CDN Resources without purchasing a commercial SSL. Medianova integrates Let’s Encrypt to automatically issue and renew these certificates through the SSL Management interface.
A valid .pfx file provided by the customer.
The password for the .pfx file.
OpenSSL installed on your local machine.
(Optional) Rename the file for clarity using this format:
domain.pfx — for example: medianova_com.pfx.
This procedure automates the extraction of certificate and key files from .pfx bundles.
You can now use the generated .crt and .key files to upload your own SSL certificate in the Medianova Control Panel.
To begin, log in to the Medianova Control Panel and open the SSL Management section.
Navigate to CDN → SSL Management in the left-hand menu.
Review your existing SSL certificates.
Click Add New SSL in the upper-right corner.
Medianova automatically performs domain verification using Let’s Encrypt.
Wait for the verification process to complete.
Once successful, click Confirm to finalize installation.
The new SSL certificate will appear in your SSL Management list and can now be assigned to your CDN Resources.
#!/bin/bash
# Usage: ./extract-cert.sh <pfx-password>
# 1. Extract encrypted private key
openssl pkcs12 -in domain.pfx -nocerts -out encrypted-domain.key -passin pass:$1 -passout pass:$1
# 2. Decrypt the private key
openssl rsa -in encrypted-domain.key -out domain.key -passin pass:$1
# 3. Extract public certificate
openssl pkcs12 -in domain.pfx -clcerts -nokeys -out domain.crt -passin pass:$1
# 4. Verify that the certificate and key match
first=$(openssl x509 -in domain.crt -modulus -noout | openssl md5)
second=$(openssl rsa -in domain.key -modulus -noout | openssl md5)
if [[ "$first" == "$second" ]]; then
echo "✅ Certificate and Key match."
else
echo "❌ Mismatch between certificate and key."
fiA name to identify the certificate in your organization.
Wildcard
(Optional) Enable this option to secure all subdomains under the same domain (e.g., *.example.com).
Domain
Select the domain associated with your CDN Resource.
yourPFXpassword with the actual password for your .pfx file.
The script automatically validates whether the .crt and .key match.domain.key
Unencrypted private key.
encrypted-domain.key
Encrypted private key (temporary, can be deleted).
.pfx file and password before re-running the script.domain.crt
Public certificate.
chmod +x extract-cert.sh./extract-cert.sh yourPFXpassword✅ Certificate and Key match.❌ Mismatch between certificate and key.The Web Application Firewall (WAF) allows you to define Custom Rules that specify how incoming traffic is evaluated. Each rule can match certain request attributes and apply an action — such as Block, Allow, or Log Only — when conditions are met.
Each action defines how WAF handles a matched request:
Note: “Log Only” is ideal for testing or monitoring potential issues before applying stricter blocking rules.
Prevent unauthorized use of your media files by blocking external websites from embedding or linking directly to your CDN-hosted assets.
Hotlink Protection restricts access to your CDN Resource by verifying the Referer header in each HTTP request. When enabled, it ensures that only requests originating from your allowed domains can retrieve content from your CDN. Requests coming from unauthorized sources — such as external websites directly embedding your files — are blocked or redirected automatically.
Hotlink Protection helps you:
Protect bandwidth – Prevent others from using your CDN capacity to serve their own content.
Secure digital assets – Stop unauthorized sharing or embedding of your hosted media.
Reduce server load – Block high-traffic external sites from consuming resources.
Maintain brand control – Ensure your content appears only on trusted domains.
Prevent abuse – Stop third-party sites from monetizing your media.
Hotlink Protection checks the Referer field of every HTTP request. If the Referer does not match your whitelisted domain list, the CDN automatically denies or redirects the request.
Add multiple allowed domains to the whitelist for multi-site deployments (e.g., www.medianova.com, cdn.medianova.com).
Enter a Rule Name for easy identification.
Select a Field (parameter) from the dropdown — such as:
Request Method (GET, POST, etc.)
Client IP
Request URI
User Agent
Referrer
Choose an Operator, such as equals, contains, or matches.
Enter the Value to match.
(Optional) Add additional conditions using the And operator.
Select an Action to perform when the rule conditions are met:
Block – Reject the request and log the event.
Allow – Permit the request to proceed to origin.
Log Only – Record the request for review without blocking.
Click Save to apply the rule.
Delete: Click the Delete icon to permanently remove the rule.
Reorder (if supported): Drag and drop to change rule evaluation priority.
Block
Immediately rejects the request with an error response.
Allow
Lets the request pass to the origin server.
Log Only
Records the event for analysis without blocking traffic.
Allow
Serves content when the Referer is from an authorized source.
Block
Rejects requests from unauthorized sites.
Redirect
Sends unauthorized users to a specified page or image.
Learn how to activate and configure the Web Application Firewall (WAF) for your CDN Resources in the Medianova Control Panel.
WAF (Web Application Firewall) enhances your website’s security by inspecting and filtering incoming HTTP/HTTPS traffic. You can enable it for any Dynamic CDN Resource, select the protection mode, and create Custom Rules to detect and block malicious requests.
Always start with Monitoring Only mode for new configurations.
Combine Managed Rules and Custom Rules for optimal coverage.
Review your WAF Analytics regularly to track threats and rule behavior.
Avoid creating overly broad rules to minimize false positives.
Protect your web applications from common exploits and malicious traffic with Medianova’s Web Application Firewall (WAF).
WAF is Medianova’s intelligent web security layer that protects your applications from malicious traffic, bots, and exploits. With real-time filtering, custom rule control, and built-in analytics, it helps you prevent attacks before they reach your origin servers.
Medianova WAF combines ease of use, robust protection, and edge-level performance to keep your web applications secure. Unlike standard firewalls, WAF protects against both network and application-layer attacks.
Edge-level protection – All traffic is filtered at Medianova’s global CDN edge before it reaches your origin.
Managed Rules – Constantly updated rulesets by Medianova’s Security Team, including OWASP Top 10 protections.
Custom Rules – Define your own rules to block, allow, or log specific requests.
Real-time defense – Detect and mitigate attacks instantly without affecting legitimate traffic.
OWASP Top 10 Protection – Shields against SQL Injection, XSS, and other common web vulnerabilities.
Custom Rule Engine – Create granular policies based on IP, URI, headers, or user agents.
Monitoring Mode – Observe how rules behave before full activation.
Instant Mitigation – Block or log attacks in real time with no latency impact.
Web Application Security – Protect public websites and portals from injection and XSS attacks.
API Protection – Filter and control requests to your backend APIs.
E-commerce Security – Prevent data breaches, bot abuse, and checkout exploitation attempts.
Medianova WAF delivers enterprise-grade web protection that’s easy to deploy and manage through the . It helps you stay secure without adding complexity — protecting your applications from the edge, in real time.
Learn how to identify, analyze, and minimize false positives in the Web Application Firewall (WAF) to ensure accurate protection without disrupting legitimate traffic.
A false positive occurs when the WAF blocks or flags a legitimate request as malicious. This can happen due to aggressive rule patterns or incomplete exceptions. Proper handling of false positives helps maintain both security and availability of your applications.
Identify False Positives
Use WAF logs and analytics to locate requests that were incorrectly blocked or flagged.
Open the Medianova Control Panel.
Go to Analytics → WAF Dashboard.
Review blocked requests and event logs.
Look for requests that match normal user or API behavior but are classified as threats.
Analyze Rule Behavior
Determine which rule caused the false detection. You can identify the Rule ID or Rule Name responsible by inspecting the event details in the WAF dashboard.
Adjust Rules or Add Exceptions
After identifying the cause, fine-tune your rules to allow legitimate traffic while keeping protection active.
You can:
Modify an existing rule
Adjust the Field, Operator, or Value
Validate After Adjustments
Once changes are made, monitor the WAF dashboard again:
Keep the affected rule in Log Only mode for several hours or days.
Check if the same requests are still flagged.
Learn how to enable and configure IP Restriction in the Medianova Control Panel to allow or block access from specific IP addresses.
IP Restriction enables you to define which IP addresses can access your CDN Resources by using either whitelist or blacklist rules. When configured, access control is enforced at the CDN edge, ensuring that unauthorized requests are blocked before they reach your origin server.
You can enable IP Restriction for each CDN Resource in the Medianova Control Panel.
Learn how to interpret the Web Application Firewall (WAF) dashboard and key analytics metrics in the Medianova Control Panel.
Control traffic flow, protect resources, and ensure fair usage across your CDN resources with Medianova’s intelligent Rate Limiting feature.
Rate Limiting helps you maintain stable application performance by controlling how many requests a client can make in a given time frame. It protects against excessive API calls, brute-force attempts, and high-frequency requests that can degrade origin performance or service quality.
With Medianova’s edge-level implementation, rate limits are applied directly at the CDN layer — before the traffic reaches your origin servers — ensuring both reliability and efficiency.
Rate Limiting is available for Dynamic CDN Resources and can be configured per domain, path, or file extension through the .
Control access to your CDN Resources by allowing or blocking specific IP addresses through whitelist or blacklist configurations.
IP Restriction (Access Control List – ACL) allows you to manage which IP addresses can access your CDN Resource. You can choose between two modes: Whitelist or Blacklist, to define how access is granted or denied.
Whitelist Mode: Only the IP addresses you specify are allowed to access your resource. All other IPs are denied.
Blacklist Mode: The IP addresses you specify are denied access. All other IPs are allowed.
Actionable analytics – Gain visibility into threats, attack sources, and triggered rules through the Control Panel.
Integrated Analytics – Visual dashboards for traffic and threat insights.
False Positive Control – Fine-tune rules to balance protection and accessibility.
Preventing abuse or overload from bots or aggressive clients.
Protecting login endpoints and API gateways from brute-force attacks.
Ensuring fair bandwidth distribution among users.
Preserving origin stability and avoiding unnecessary compute or database load.
Allowing flexible control through customized thresholds and actions.
Customizable Limits – Define request thresholds per second or minute to suit your application.
Edge-Level Enforcement – Limit requests at the CDN edge, preventing overload before it reaches your origin.
Burst Control Options – Configure how short bursts of requests are handled:
Burst – Allows short spikes within the limit window.
Burst + No Delay – Permits short bursts without delay enforcement.
None – Strict limit; requests beyond the threshold are immediately blocked.
IP Whitelisting – Exclude trusted IPs, monitoring tools, or partners from rate enforcement.
Flexible Actions – Choose to Block or Challenge clients that exceed limits.
Configurable HTTP Response Codes – Return 429 or 529 errors when limits are exceeded.
Path & Extension Support – Apply rate limits to specific endpoints (e.g., /login, /api/) or file types (e.g., .pdf, .mp4).
API Protection – Prevent abuse of public APIs and ensure consistent response times.
Authentication Endpoints – Limit login attempts to protect user accounts.
Download or Media Control – Restrict large file or video download frequency to optimize CDN performance.
E-commerce Traffic Shaping – Manage checkout or cart requests during high-traffic campaigns.
Bot Mitigation – Reduce load from automated crawlers or scrapers.
Medianova’s Rate Limiting operates at the edge, ensuring minimal latency and zero impact on normal user experience. By combining adaptive enforcement, path-based rules, and real-time analytics, it enables granular control over how traffic interacts with your CDN — keeping your applications fast, fair, and secure.
You can configure and monitor Rate Limiting directly through the Medianova Control Panel under the Security section.
Outdated rule condition
Old regex pattern still matching new endpoint
Example: Change “contains /api” to “equals /api/admin”.
Change the rule action
Temporarily switch from Block to Log Only to monitor.
Add an exception rule
Allow requests from a specific IP, URI, or User Agent.
Whitelist internal services
Add known internal IPs (monitoring tools, API clients) to an allowlist.
Overly broad request URI match
Blocking /api/v1/ instead of /api/v1/admin
Strict User Agent filtering
Blocking “curl” used in automated internal scripts
Missing whitelist entry
Internal monitoring IPs not excluded
Open the IP Restriction (ACL) section.
Blacklist
The IP addresses you add will be blocked. All others will be allowed.
192.168.0.0/24).Press Enter or click the + icon to add it to the list.
Repeat for additional IPs or ranges.
Click Save to apply changes.
Delete: Click the Delete icon to remove it.
Save Changes: Click Save after every modification to ensure updates are applied at the edge.
Attempt access from a restricted IP → access should be denied or redirected.
Review logs or analytics to confirm correct enforcement.
Whitelist
Only the IP addresses you add will be allowed. All others will be blocked.
On: Fully active mode that filters and blocks malicious traffic in real time.
After selecting a mode, click Save to apply the change.
Rule configuration is optional at activation. WAF includes predefined Managed Rules that are enabled by default.
WAF logs and metrics may take up to a few minutes to appear after initial activation.
You can access the WAF analytics from the Medianova Control Panel. Navigate to Analytics → WAF, then select the CDN Resource for which WAF is enabled. The dashboard displays real-time charts, tables, and logs that visualize threat activity, blocked requests, and triggered rules.
1. Attack Histogram
Shows the number of attacks over time, helping you detect spikes or recurring patterns. You can filter by URL to analyze specific endpoints under attack.
Use it for: spotting attack trends and determining peak hours of malicious traffic.
2. Threats
Displays the total number of requests that triggered WAF rules versus total incoming requests. Includes summary values such as:
Total: All detected threats since activation
Today: Threats detected in the last 24 hours
This Month / Last Month: Periodic comparison
Use it for: measuring overall WAF effectiveness and identifying sudden spikes that may signal an attack.
3. Top Client IPs
Lists the IP addresses triggering the most WAF rules. A pie chart provides a quick visual overview of threat sources.
Use it for: detecting potential attackers or regions generating malicious traffic.
4. Top Request URIs
Shows the URLs most frequently targeted by suspicious or blocked requests.
Use it for: identifying vulnerable endpoints or popular attack targets.
If a specific path (e.g., /login, /api/v1/auth) appears repeatedly, consider applying additional rule protections.
5. Top User Agents
Lists browsers, bots, or automated clients generating flagged requests.
Use it for: distinguishing legitimate traffic from malicious bots. Unusual or outdated User Agents may indicate automated attack tools.
6. Rule Activity
Displays which WAF rules are triggered most often, showing their frequency and relative impact.
Rule ID / Name
Identifier of the triggered rule.
Triggers
Number of times the rule matched incoming requests.
Last Triggered
Most recent occurrence time.
Use it for: assessing rule efficiency and identifying potential false positives. Frequently triggered rules may need refinement or condition adjustments.
7. Activity Log (Last 300 Requests)
Shows detailed information about the most recent flagged requests, including:
Timestamp
IP address
Request URI
User Agent
Triggered Rule
Use it for: investigating incidents and validating rule accuracy. Regular review helps fine-tune your security posture.
Review WAF analytics at least weekly to identify trends.
Watch for repeated attacks from the same IPs or regions.
Use the Threats and Rule Activity metrics to detect false positives or over-triggered rules.
Adjust or refine rules based on recurring attack patterns.
Combine analytics data with logs from your origin server for deeper context.
Whitelist and Blacklist modes are mutually exclusive — only one can be active at a time.
Use IP Restriction to:
Protect internal or staging environments from unauthorized access.
Restrict API access to trusted partners or corporate networks.
Block known malicious IP ranges or suspicious activity.
Ensure compliance with internal security policies.
Whitelist Mode – Only the IP addresses you specify are allowed to access the resource. All other traffic is blocked.
Blacklist Mode – The IP addresses you specify are denied access, while all other IPs are permitted.
Edge-Level Enforcement – Filtering occurs at the CDN edge, ensuring zero impact on origin performance.
CIDR Range Support – Define large IP ranges using CIDR notation (e.g., 192.168.1.0/24).
Mutually Exclusive Modes – You can use either whitelist or blacklist mode, but not both simultaneously.
Use Whitelist mode for restricted corporate APIs and Blacklist mode for public-facing applications that need selective blocking.
Medianova’s IP Restriction system provides a simple yet powerful way to enforce access control at the CDN level. By validating requests before they reach your infrastructure, it prevents unauthorized access and improves overall performance stability. Combined with other Security features such as Rate Limiting, WAF, and Hotlink Protection, it forms a robust multi-layer defense mechanism.
Rate Limiting helps manage client request traffic by defining thresholds on how many requests a user or IP can make within a specified time window. This feature operates at the CDN edge, preventing excessive traffic from reaching your origin servers and maintaining stable performance.
Some parts of your application may require different rate limits — for example, to protect login endpoints or limit access to downloadable files — without affecting the entire CDN resource.
With Path & Extension Based Rate Limiting, you can define request thresholds that apply only to specific URL paths (such as /login or /api/) or file types (like .pdf, .jpg, or .mp4).
These rules are managed under the Page Rules section in the Medianova Control Panel and allow more granular control over how traffic is handled at the edge.
Use this feature when you need to:
Apply stricter limits to sensitive routes such as /auth/, /checkout, or /login.
Restrict access to large media or document files.
Combine global rate limits with path-level overrides for flexible traffic management.
Learn more: See for configuration steps and advanced examples.
Time Interval
The period within which requests are counted (e.g., per second, per minute).
Allows short spikes within the limit window before throttling begins.
Burst + No Delay
Permits short bursts instantly, without waiting for enforcement delay.
None
Strict enforcement. Requests exceeding the limit are immediately blocked.
Enter the IP address or range (e.g., 192.168.0.0/24).
Click Save to apply.
Rejects the request and returns an error response (default).
Challenge
Sends a verification challenge to the client before allowing further requests.
You can also define the HTTP response code to be returned:
429 — Too Many Requests
529 — Custom throttling response
Test your configuration with real traffic or API calls to ensure it behaves as expected.
Check the response code (429 or 529).
Review request logs and metrics in Analytics → Rate Limiting Dashboard.
Request Limit
The maximum number of requests allowed (e.g., 100).
Burst
Block
Restrict or allow access to your CDN Resources based on geographic location by configuring country-based whitelists and blacklists.
Geoblocking allows you to control which countries can access your content through the . By enabling this feature, you can restrict or allow requests based on the visitor’s geographic origin, helping you comply with regional policies and protect your digital assets.
Geoblocking operates at the CDN edge, preventing unauthorized access before requests reach your origin server.
Use Geoblocking to manage access and enforce content distribution policies efficiently:
Compliance and licensing – Restrict access to regions where content rights do not apply.
Dynamic pricing models – Apply different pricing or service availability by country.
Security enhancement – Block known high-risk regions or malicious traffic.
Content optimization – Focus delivery to target markets, reducing unnecessary traffic.
Combine Geoblocking with IP Restriction for granular, IP-based exceptions within approved countries.
Log in to the Medianova Control Panel.
Go to CDN → CDN Resources and select the resource you want to manage.
Open the Security tab.
Enable the Geoblocking toggle.
From the country list:
Drag or select countries to the Whitelist (allowed).
Drag or select countries to the Blacklist (blocked).
Click Save Changes to apply your configuration.
(Optional) Add specific IP exceptions under IP Restriction for fine-tuned control.
Learn how to upload and manage SSL certificates in the Medianova Control Panel.
SSL/TLS certificates enable encrypted HTTPS communication between users and CDN Resources. You can upload your own certificate, use Medianova’s shared SSL, or activate a free certificate provided by Let’s Encrypt.
Own SSL
Upload your own SSL/TLS certificate issued by a Certificate Authority (CA).
Free SSL
Use a free SSL certificate automatically issued by Medianova (Let’s Encrypt).
Click Next after selecting the desired option.
Own SSL Setup
If you selected Own SSL, choose a certificate format and provide the required information.
Choose Certificate Format
Domain SSL
Extract an existing certificate directly from your domain if HTTPS is enabled.
.crt / .pem / .key (Paste Content)
Paste your certificate, private key, and CA chain into the input fields.
.crt / .pem / .key (Upload File)
Upload the certificate and private key files directly from your device.
.pfx (Personal Information Exchange)
Upload a .pfx file containing your certificate, key, and chain. Provide a password if required.
Field Descriptions
SSL Name
Internal display name for your SSL certificate.
Domain Name
Domain or wildcard domain to secure.
Certificate (.crt)
Public certificate file for HTTPS validation.
Private Key
Private key matching the certificate.
Certificate Password
Password for encrypted key or .pfx file.
CA Chain / Intermediate Certificates
Certificates linking your domain to the root authority.
Free SSL Setup
If you selected Free SSL, fill in the following details:
SSL Name
A name to identify the certificate in your organization.
Wildcard
Toggle this option to secure all subdomains under the same domain.
Domain
Select the CDN domain to apply the certificate.
Click Add Free SSL to issue and install your certificate automatically.
Open the SSL tab (or CNAME & SSL for Small and Large resources).
Select one of the following options:
SNI (Own SSL): Use your uploaded SSL certificate.
Shared SSL: Use Medianova’s shared certificate.
Click Save to apply the changes.
Replace SSL – Upload a new certificate to replace an expired one.
Delete – Remove unused or expired certificates.
Leaf Certificate
The primary certificate for your domain.
Intermediate Certificates
Bridge between the leaf and the root authority.
Root Certificate
Trusted by browsers and operating systems.
