Options
These are some of the configuration modules available for the Web Accelerator.
Mobile/Desktop Browser Detection
It is possible to configure the Web Accelerator to cache pages separately for desktop and mobile browsers. This allows caching for legacy sites that perform server side browser sniffing.
If the backend emits a Vary header that prevents caching, the Web Accelerator can rewrite it.
Rate Limiting
The module supports defining thresholds beyond which requests are rejected with a temporary 429 error. For example, a limit may be applied to the number of requests from the same IP and for the same domain.
Usually, limits are only applied to requests that would reach the backend, but it is also possible to apply them to those that would be served from the cache.
Blocking Undesirable Clients
The module checks the User-Agent header to block certain types of scans, or
aggressive crawlers or those that do not bring value to the site.
It is reasonably safe to use it because the same configuration protects over 100000 Seeweb customer sites.
Botguard
The Web Accelerator and WAF may be integrated with the Botguard service for protection against scraping and other types of non-human clients.
Cookie Filtering
It is possible to manipulate the cookies sent to the backend to remove those that would prevent caching.
Cookie-Based Authorization
The module supports excluding from caching requests that have a certain authentication cookie, possibly only for specific URLs.
Edge Side Includes (ESI)
The Web Accelerator can use a simple markup language to compose a page from multiple requests made to the backend. In this way, a single page can be made of elements that can be cached and others that are dynamic.
Geoblocking or Geoallowing
It is possible to block requests from certain countries, or only accept them from those listed.
If this function is enabled in a restrictive manner, it is essential to ensure that search engine crawlers are not blocked.
Prevent Hotlinking
With this module, image hotlinking is prevented.
It is usually a good idea to configure it to still accept requests with a
Referer header from the most common search engines.
WebP Support Negotiation
Some sites support images in WebP format through server-side negotiation, to adapt to the capabilities of the browser used by the visitor.
A site that changes its response based on the secondary characteristics of the request would not be compatible with a frontend cache, but this module solves this issue by implementing WebP negotiation in the Web Accelerator itself.
Caching of OPTIONS Responses
If the site structure allows it, it is possible to enable the caching of
OPTIONS responses generated by the Cross-Origin Resource Sharing
(CORS) mechanism.
fail2ban
fail2ban can be enable on the Web Accelerator to block repeated attacks before they reach the backend.
It is essential that it is not enabled on the backend, since all traffic comes from the Web Accelerator's IP and therefore could not block it.
Log Management
By design, the Web Accelerator does not store statistics or request logs.
To see the trend of the managed traffic, network graphs are available in the cloud server panel associated with the Web Accelerator.
If a web analytics system is desired, then we recommend installing Matomo or Plausible.
For real-time analysis, we can send the requests flow via syslog to a SIEM or another log analyzer of the customer.
Otherwise, the Web Accelerator can upload the log of the day's requests every night to an S3-compatible service such as Seeweb's cloud object storage.