CDNShark gives you edge delivery, DNS proxy, pull zones, and cache controls in one panel. Deploy and update records quickly, apply security policies per host, and scale with queue-backed automation. Built for teams who need speed without losing operational control.
Get CDNShark Learn More
Teams use CDNShark to manage traffic from DNS to edge in one place. Configure proxy records, pull zones, cache behavior, CORS, GEO policies, IP controls, and rate limits without jumping between tools. Infrastructure actions are queued in the background so your workflow stays responsive.
CDNShark delivers your content from edge servers positioned close to your users — reducing latency, improving load times, and keeping your traffic off congested backbone routes.
Speed up websites with edge caching, proxy routing, and DNS-driven traffic control.
Reduce API latency and protect backends with edge policies and controlled caching.
Deliver images, video, and large objects with pull zones and edge cache controls.
Custom infrastructure and operational controls for high-scale traffic workloads.
Every CDNShark plan includes the full feature set — edge rules, image optimization, webhooks & more — no add-ons required.
Edge caching, TTL controls, and full delivery pipeline configuration per zone.
Fetch and cache content from any HTTP/HTTPS origin with a configurable CDN hostname and optional custom CNAME.
Set a global TTL per zone in seconds, or use 0 to follow origin Cache-Control headers.
Override TTL or bypass cache per URL path using extension, prefix, suffix, contains, or exact match rules.
Lock objects at the edge indefinitely — nothing re-fetches until you manually purge.
Include or ignore query strings in cache keys to maximize hit rates for static assets.
Serve zones from your own domain. CNAME to CDNShark — SSL is handled automatically at the edge.
Permissive, disabled, or custom CORS mode with configurable origins, methods, and headers per zone.
Zone configs push to all active edge servers simultaneously. New nodes inherit all zones automatically.
Instantly purge the full cache for any zone with one click — no TTL wait, changes go live immediately at the edge.
Enforce access policies and block threats at the edge before they reach your origin.
Block path traversal, file probing, scanner bots (Basic) plus SQLi & XSS patterns (Strict) at the edge.
Block or whitelist countries by ISO code. Block mode denies listed countries; allow mode restricts to them only.
Control access by IPv4/IPv6 address or CIDR range in block or allowlist mode.
Enforce per-IP request limits (Normal 50 r/s, Relaxed 200 r/s, Strict 10 r/s) via Nginx rate zones.
Block or allowlist external referrer domains to prevent unauthorized embedding of your assets.
Protect your account with TOTP-based 2FA. Verified at login using any authenticator app — enabled per user in account settings.
S3-compatible storage with a file browser, access control, and encryption — delivered via CDN.
Create and manage buckets with a full AWS S3-compatible API. Works with any S3 SDK, CLI, or backup tool.
Encrypt buckets with your own client-supplied key. Keys never leave your control — only the encrypted data is stored on our servers.
Toggle bucket visibility instantly. Private buckets require signed URLs or credentials for any access.
Generate time-limited signed URLs or permanent shared bucket links for secure file distribution without exposing credentials.
Upload, browse, create folders, and delete objects directly from the dashboard — no external S3 client needed.
Access Key & Secret Key scoped per bucket for integration with your applications, backups, or CI/CD pipelines.
Queue-backed provisioning, Redis config sync, and automated deployment to every edge node.
Create A, AAAA, and CNAME proxy records routed through the CDNShark edge with automated Nginx deployment per record.
Nginx configs and DNS changes deploy via queue workers in the background — UI actions stay fast.
Security and cache policies are stored in Redis and replicated to all edge nodes within seconds — no Nginx reload needed.
All CDN hostnames are served over HTTPS. Custom hostnames get SSL termination at the edge via wildcard cert.
Upload, transcode, and stream video over HLS — with an embeddable player and token-based access control.
Upload MP4 or MKV files and get back multi-bitrate HLS streams (1080p, 720p, 480p, 360p) ready for adaptive playback.
Organise videos into libraries. Each library has its own storage bucket, playback settings, and access policy.
Drop a single <iframe> on any page. The built-in HLS player adapts bitrate automatically and works on all devices.
Protect private videos with signed playback tokens. Tokens are scoped per video and expire on a configurable schedule.
Enable per-library segment encryption. FFmpeg generates a unique AES-128 key at transcode time — segments are unplayable without a valid playback token.
Restrict playback tokens to a whitelist of allowed referrer domains — prevents your streams from being embedded on unauthorised sites.
Per-zone request and response manipulation — redirects, rewrites, header control, and cache overrides applied at the edge before origin is contacted.
Issue 301 or 302 redirects by URL prefix, extension, suffix, contains, or exact match — no origin roundtrip required.
Transparently rewrite incoming request paths before they reach the origin. Useful for versioned URLs, legacy path migration, and A/B routing.
Inject custom request or response headers at the edge — add X-Custom-* headers, override Cache-Control, or append CORS headers per path.
Remove sensitive or unwanted headers from origin responses before they reach the client — clean up server leakage with a single rule.
Automatically redirect all HTTP requests to HTTPS on a per-zone basis. No origin configuration required — enforced at the CDN edge.
Match rules by URL prefix, suffix, file extension, substring, or exact path. Apply multiple rules in sequence with configurable priority ordering.
On-the-fly image processing at the edge — resize, compress, and convert to next-gen formats without touching your origin pipeline.
Append ?w=800 to any image URL. The edge resizes and caches the result — no new image assets to manage at the origin.
Serve modern formats automatically based on the browser's Accept header. JPEG/PNG sources are converted transparently with no URL changes.
Set a default compression quality per zone, or override per-request with ?q=75. Balance visual quality and bandwidth with a single parameter.
Configure a zone-wide maximum output width to prevent oversized images regardless of the requested size.
Each unique size/format/quality combination is cached independently at the edge. Repeat requests are served instantly — the transformation runs only once.
Enable or disable image optimization independently per Pull Zone. Zones that don't serve images are unaffected with zero performance overhead.
Real-time event notifications to any HTTPS endpoint — signed payloads, automatic retries, and full delivery logging.
Subscribe to CDN, storage, video, live stream, and billing events. Your endpoint receives a signed payload within seconds of the event firing.
Every delivery is signed with your webhook secret. Verify the X-CDNShark-Signature header to guarantee payloads come from CDNShark and haven't been tampered with.
Failed deliveries are retried automatically with exponential back-off. Retry history and response codes are visible in the delivery log.
Inspect every webhook attempt — request body, response status, latency, and error message — directly from the dashboard. Debug integrations without guessing.
Each webhook endpoint subscribes to specific event types. Receive only the events you care about — no filtering logic needed on your side.
All events share a consistent { event, timestamp, data } envelope. Integrate with Zapier, Make, n8n, or your own backend with minimal boilerplate.
Broadcast live over RTMP or WebRTC — HLS delivered via CDN edge with optional auto-archive to storage.
Push live streams from OBS, ffmpeg, or any RTMP encoder. SRS 6.x handles ingest on port 1935 — no encoder configuration changes required.
Go live directly from a browser with zero plugin install. WHIP signalling over HTTPS — WebRTC media sent directly to the ingest server.
SRS transcodes your stream into 2-second HLS segments on-the-fly. A dedicated Pull Zone delivers playback from all edge nodes globally.
Optionally archive the full broadcast to your storage bucket when the stream ends. A dedicated archive library is created automatically per account.
Set a site-wide maximum archive duration (1–24 hours). Streams exceeding the limit are stopped automatically — no manual intervention needed.
Every stream has a unique secret key validated on each publish. Unauthorised connections are rejected by the ingest server before any data flows.
Analytics, job status, billing, and support — all in one dashboard.
Monitor bandwidth, request counts, and cache hit ratios per zone over time from the dashboard.
Track all background infrastructure jobs — completions, failures, and re-queue controls in the admin panel.
Browse and filter raw edge request logs per zone — inspect status codes, cache status, IP, and user agent in real time.
Earn recurring commissions by referring new customers. Track referral clicks, signups, and payouts from your dashboard.
Built-in ticket system for users and admins — submit, track, and respond without leaving the platform.
Invoices auto-generated from actual bandwidth. Overage charged per GB above your plan's included allocation.
Choose the plan that fits your needs
30-day
Money-back Guarantee