[Hummingbird] More Information about WPMU DEV CDN

Hello ,
What is WPMU DEV CDN ? How can I control it ? If i disable it what will happen to my files ? Is it protected by WAF ?
Thanks

  • Adam Czajczyk

    Hello Mohamed

    I hope you're well today and thank you for your question!

    WPMU DEV CDN is a "special kind" of Content Delivery Network . Unlike a regular CDN this one is used only for files optimized by Asset Optimization tool of Hummingbird.

    It doesn't handle your entire site but only these optimized files. The Hummingbird plugin optimizes files and then uploads them to our CDN and accordingly modifies all the calls to these files from your site. As a result those optimized (minified and combined) files are served from our CDN which usually speeds up the site.

    However, you can freely and safely disable that option. None of your files will be lost (though you might need to make sure that cache is cleared and, sometimes, that Asset Optimization optimized files are recreated - but that's not always necessary). The only change will be that optimized files will be stored and served from your server instead of our CDN.

    I'm not sure what do you mean by asking if they are protected by WAF. Those files themselves are not "applications" - they're not executable and are not "executed" and the CDN is a "storage" in this case, it doesn't "run" these files so Web Application Firewall is not exactly the tool relevant to this.

    But yes, the files are heavily protected - encrypted, not available for any modification from "outside" or for 3rd-party apps and guarded by quite powerful cloud infrastructure with all the security precautions in place.

    If anything "malicious" gets to them, that would be an issue on your site's server side as Hummingbird doesn't analyze them against any vulnerabilities: it takes the file from your site "as is", optimizes it for performance, and - if that option is enabled - puts it on our CDN.

    As long as the site is well protected on your site's/server end, they should be fine.

    If you have any additional questions on this, let me know please.

    Kind regards,
    Adam

    • Adam Czajczyk

      Hi Mohamed

      THe WPMU DEV CDN doesn't "tunnel/proxy/cache" traffic to your site. A regular CDN works "in front" of your site - so to say: "between user browser and your server". The WPMU DEV CDN doesn't do this, it works more in a "backend" (that's very simplified explanation though) and it serves the files, in a similar way as it was e.g. online file storage service, passive. Except, unlike any "file storage", it does it in a "CDN-way" selecting the closest server/highest performance connection to the user and strong security for the stored assets.

      Does it protect your site? No and it's not its goal. You can still use (and I'd actually recommend it) any regular CDN for your site (we usually recommend CloudFlare) and it should work fine together as they've got different purpose.

      Does it "improve security"? Well, yes, it does in some way. As the JavaScript and CSS files are stored in WPMU DEV CDN which is external to your site and very well protected (it is built upon leading enterprise grade infrastructure) then possible malicious modification of those files on your server will not do any harm until optimized assets are re-built. So it does add up to a security in a way.

      As for WAF specifically. I admit that I'm actually not sure if any WAF specifically is used. I only said that there's not quite need for it but I'm not sure if its there or not. I can, however, assure you that there are high-profile security solutions applied and the CDN is based on the highest industry standards and leading infrastructure.

      Kind regards,
      Adam

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.