The Sucuri CDN is responsible for caching your website automatically. With zero configuration, the CDN is able to speed up your website by up to 60%.
You can find the CDN locations on the Sucuri Firewall Locations article.
How the Sucuri CDN works
When a good CDN is in place, most of your website, if not all (depending on your website platform), will be transferred directly from a PoP (point of presence) of the CDN, which is a fancy name for “one of the data centers” used by the CDN network.
In other words, if the Sucuri Firewall was activated, the Paris visitor would get the website assets from the Sucuri Firewall European data centers, decreasing the page load time and the server resource usage.
Discovering the nearest cluster
You don’t need to do anything to activate the CDN except for activating the Website Firewall itself. However, you can discover which data center/cluster you’re accessing. There are a couple tools you could use, but the simplest one is a tool called
If you are using Microsoft® Windows, install Git for Windows before proceeding.
Open the Terminal/Git for Windows and run the following command:
curl -IL http://yourdomain.com/
In this example, we’ll be requesting the HTTP headers of the Sucuri KB. Don’t worry, although it seems technical, it’s pretty simple:
$ curl -IL https://kb.sucuri.net/
date: Wed, 27 Dec 2017 18:51:37 GMT
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
Here are the lines we need to pay attention to for the purpose of this article:
According to “x-sucuri-cache” header, the page requested (kb.sucuri.net) was served straight from the Sucuri CDN and answered by “14016” PoP (CDN edge). The first two digits (14) identify the PoP (CDN edge) reached, which is the Washington data center.
Although the data center might not be the closest to you, it also takes network connectivity and lower latency into consideration to provide the fastest response.
That’s what an Anycast CDN network does. It “guides” the connections to the PoP (CDN edge) with the best/shortest network path, which happens to be the closest data center most of the time. It also allows Sucuri’s engineers to re-route traffic in case of maintenance or congestion with minimal or no impact.
Instead of using curl, you can also use a Visual Traceroute tool, such as The Dazzlepod IP Address Lookup and Monitis Visual Trace Route Tool. That, with a certain success rate, is able to demonstrate the network path on a map.
When opening a support ticket regarding blocks, connection issues, etc, you can include which cluster you’re reaching to speed up the troubleshooting process.