Security Parity Across CDNs: WAF, Bot Management, Rate Limits, and Origin Authentication

Synopsis

This chapter describes how to keep security controls equivalent when more than one CDN serves the same properties. It covers ownership of policy, alignment of web application firewall rules, parity in bot defenses, consistent rate limiting, origin authentication, secrets handling, configuration drift control, verification, logging normalisation, and incident procedures. The aim is a uniform security posture that does not depend on which provider handled a request.

Scope and objectives

Security parity means that requests receive the same protection and the same outcomes independent of provider. Rules must be functionally equivalent, telemetry must be comparable, and emergency controls must have the same effect at all edges. Differences in vendor features are handled by choosing portable constructs first and by documenting exceptions that cannot be avoided.

...
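
A parity check for the definition above, as an added example that is not part of the original chapter: it compares the outcome each provider returned for the same probe request and reports every difference that is not covered by a documented exception. Provider names, probe labels, outcome labels and the data layout are assumptions, and the sample observations are constructed.

```python
from dataclasses import dataclass

# Constructed sample data: outcome each edge returned for the same probe.
# Provider names, probe labels and outcome labels are hypothetical.
OBSERVED = {
    "cdn_a": {"waf_canary_rule": "block", "known_bot_signature": "challenge",
              "login_burst": "rate_limited", "origin_direct_no_auth": "reject"},
    "cdn_b": {"waf_canary_rule": "block", "known_bot_signature": "block",
              "login_burst": "allow", "origin_direct_no_auth": "reject"},
}

# Documented, unavoidable vendor differences:
# probe -> set of outcomes accepted as functionally equivalent.
EXCEPTIONS = {"known_bot_signature": {"challenge", "block"}}


@dataclass(frozen=True)
class Finding:
    probe: str
    outcomes: tuple  # (provider, outcome) pairs, sorted by provider
    reason: str


def parity_findings(observed, exceptions):
    """Return one Finding per probe whose outcome depends on the provider."""
    findings = []
    probes = sorted(set().union(*(r.keys() for r in observed.values())))
    for probe in probes:
        per_provider = {p: r.get(probe) for p, r in observed.items()}
        pairs = tuple(sorted(per_provider.items()))
        # A probe that one edge never saw is a coverage gap, not parity.
        missing = sorted(p for p, o in per_provider.items() if o is None)
        if missing:
            findings.append(
                Finding(probe, pairs, "not tested on: " + ", ".join(missing)))
            continue
        distinct = set(per_provider.values())
        if len(distinct) == 1:
            continue  # same outcome at every edge
        if distinct <= exceptions.get(probe, set()):
            continue  # difference is a documented exception
        findings.append(Finding(probe, pairs, "outcomes differ"))
    return findings


if __name__ == "__main__":
    for f in parity_findings(OBSERVED, EXCEPTIONS):
        print(f.probe, dict(f.outcomes), f.reason)
```
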