Protecting communication link between content delivery network and content origin server
First Claim
1. A method of protecting a website from attack, comprising:
- providing a content delivery network (CDN) having a set of content servers (CS) to provide content delivery on behalf of a set of participating content providers, at least one of the set of participating content providers sourcing content for delivery by the CDN from an origin server;
providing a set of private Internet Protocol (IP) addresses assigned to the origin server for communication between the CDN and the origin server;
transmitting a request for content from the CDN to the origin server using a first IP address selected from the set of private IP addresses;
receiving the content at the CDN from the origin server in response to the request for content;
identifying a malicious attack on the first IP address;
in response to identifying the malicious attack, selecting a second IP address from the set of private IP addresses;
subsequent to selecting the second IP address, transmitting a request for additional content from the CDN to the origin server using the second IP address; and
receiving the additional content at the CDN from the origin server in response to the request for additional content.
2 Assignments
0 Petitions
Accused Products
Abstract
A privatized link between an origin server and a content delivery network is provided. A privatized link can be direct connection that does not route over the internet. Another privatized link is one that rotates IP addresses. An origin server may be assigned to use a set of multiple IP addresses for communication with the content delivery network. However, at any given time, the origin server is only using a small number of IP addresses. When one of the IP addresses being used to communicate with the content delivery network comes under attack, the origin server switches to another IP address in the set in order to continue serving content to the content delivery network via an IP address that is not under attack.
-
Citations
13 Claims
-
1. A method of protecting a website from attack, comprising:
-
providing a content delivery network (CDN) having a set of content servers (CS) to provide content delivery on behalf of a set of participating content providers, at least one of the set of participating content providers sourcing content for delivery by the CDN from an origin server; providing a set of private Internet Protocol (IP) addresses assigned to the origin server for communication between the CDN and the origin server; transmitting a request for content from the CDN to the origin server using a first IP address selected from the set of private IP addresses; receiving the content at the CDN from the origin server in response to the request for content; identifying a malicious attack on the first IP address; in response to identifying the malicious attack, selecting a second IP address from the set of private IP addresses; subsequent to selecting the second IP address, transmitting a request for additional content from the CDN to the origin server using the second IP address; and receiving the additional content at the CDN from the origin server in response to the request for additional content. - View Dependent Claims (2, 3, 4, 12, 13)
-
-
5. A communication system, comprising:
-
a content delivery network (CDN) having a set of content servers (CS) to provide content delivery on behalf of a set of participating content providers, at least one of the set of participating content providers sourcing content for delivery by the CDN from an origin server; a set of private Internet Protocol (IP) addresses assigned to the origin server for communication between the CDN and the origin server; and wherein the CDN is configured to; transmit a request for content to the origin server using a first IP address selected from the set of private IP addresses; receive the content from the origin server in response to the request for content; identify a malicious attack on the first IP address; in response to identifying the malicious attack, select a second IP address from the set of private IP addresses; subsequent to selecting the second IP address, transmit a request for additional content to the origin server at the second IP address; and receive the additional content from the origin server in response to the request for additional content. - View Dependent Claims (6, 7, 8, 9)
-
-
10. A method of supplying content to a content delivery network (CDN), comprising:
-
establishing a communication link between an origin server and the CDN using a first Internet Protocol (IP) address selected for the origin server from a set of private Internet Protocol (IP) addresses assigned to the origin server, the origin server to provide content to the CDN by responding to requests from the CDN directed to the first IP address; determining that the first IP address is under attack; in response to determining the first IP address is under attack, selecting a second IP address from the set of private Internet Protocol (IP) addresses assigned to the origin server; and establishing a communication link between the origin server and the CDN using the second IP address for the origin server, the origin server to provide content to the CDN by responding to requests from the CDN directed to the second IP address. - View Dependent Claims (11)
-
Specification