Content Delivery Optimization
Content Delivery Optimization
Implement secure content delivery strategies:
# CDN integration with security
server {
listen 443 ssl http2;
server_name cdn.example.com;
# Strict origin validation
valid_referers none blocked server_names
*.example.com
~\.google\. ~\.bing\. ~\.yahoo\.;
if ($invalid_referer) {
return 403;
}
# CORS for CDN
location ~* \.(ttf|ttc|otf|eot|woff|woff2|font.css|css|js)$ {
add_header Access-Control-Allow-Origin "https://example.com" always;
add_header X-Content-Type-Options "nosniff" always;
expires 1y;
add_header Cache-Control "public, immutable";
}
# Image optimization
location ~ \.(jpg|jpeg|png|gif|webp)$ {
expires 1y;
add_header Cache-Control "public, immutable";
add_header Vary "Accept";
# WebP support
if ($http_accept ~* "webp") {
set $webp_suffix ".webp";
}
try_files $uri$webp_suffix $uri =404;
}
}