← Back to glossary

CDN (Content Delivery Network)

performance Beginner

debt(d5/e3/b3/t5)

d5 Detectability Operational debt — how invisible misuse is to your safety net

Closest to 'specialist tool catches it' (d5). The detection_hints list Lighthouse, Cloudflare, and WebPageTest — all specialist performance/infrastructure tools rather than compilers or default linters. These tools can flag missing CDN usage, missing Cache-Control headers, or origin servers serving static assets directly, but the issue won't surface until you run one of these audits.

e3 Effort Remediation debt — work required to fix once spotted

Closest to 'simple parameterised fix' (e3). The quick_fix describes pointing a domain to a CDN (e.g. Cloudflare free tier) and adding Cache-Control headers — slightly more than a single-line patch but still a focused, small configuration change. It doesn't require touching multiple files in the application code, though DNS changes and header configuration across asset types involve a small handful of steps.

b3 Burden Structural debt — long-term weight of choosing wrong

Closest to 'localised tax' (b3). The applies_to scope is web contexts only, and CDN configuration is largely an infrastructure/ops concern rather than something that shapes every code change. Once set up, most developers are unaffected day-to-day — though cache invalidation on deployments adds a recurring operational step that the team must remember.

t5 Trap Cognitive debt — how counter-intuitive correct behaviour is

Closest to 'notable trap' (t5). The canonical misconception is that CDNs only benefit global audiences, when in reality even single-region apps benefit from edge caching and traffic absorption. Additionally, the common_mistakes list documents well-known gotchas — dynamic content cached without vary headers, missing Cache-Control headers causing unpredictable behavior, and forgetting cache invalidation post-deployment. These are documented gotchas most developers eventually learn, fitting the t5 anchor.

About DEBT scoring → scored by claude-sonnet-4-6 · 2026-05-06 · reviewed by human

Also Known As

Content Delivery Network CDN edge edge caching

TL;DR

A geographically distributed network of servers that caches and delivers static assets from locations close to end users.

Explanation

CDNs reduce latency by serving static assets (images, CSS, JS, fonts) from an edge node geographically near the user, reducing round-trip time from potentially hundreds of milliseconds to single digits. They also reduce origin server load, provide DDoS mitigation, handle TLS termination, and offer edge-side caching of entire pages. For PHP applications, CDNs complement server-side caching — set correct Cache-Control headers on static assets to maximise CDN efficiency, and implement cache-busting (content-hash filenames) for deployment.

Diagram

flowchart LR
    USER_EU[User Europe] -->|nearest PoP| EDGE_EU[CDN Edge Frankfurt]
    USER_US[User USA] -->|nearest PoP| EDGE_US[CDN Edge New York]
    USER_AS[User Asia] -->|nearest PoP| EDGE_AS[CDN Edge Tokyo]
    EDGE_EU & EDGE_US & EDGE_AS -->|cache MISS only| ORIGIN[Origin Server]
    INFO[Cache HIT: served from edge in ms<br/>Cache MISS: fetched once then cached]
style ORIGIN fill:#d29922,color:#fff
style EDGE_EU fill:#238636,color:#fff
style EDGE_US fill:#238636,color:#fff
style EDGE_AS fill:#238636,color:#fff

Common Misconception

✗ A CDN only benefits sites with global audiences. CDNs reduce latency for all users by serving assets from edge nodes closer to them, absorb traffic spikes from origin servers, and provide DDoS mitigation — even a single-region app benefits from CDN edge caching.

Why It Matters

A CDN serves static assets from edge nodes geographically close to each user — reducing latency from hundreds of milliseconds to single digits for images, CSS, and JS. Without one, every user worldwide hits your origin server for assets that never change.

Common Mistakes

Putting dynamic, user-specific content behind a CDN without vary headers — all users get the same cached response.
Not setting Cache-Control headers — CDNs cache aggressively by default, or not at all, depending on the provider.
Forgetting to invalidate the CDN cache after deployments — users continue to see old JS and CSS.
Serving the same assets both from CDN and origin without consistent URLs — breaks cache hit rates.

Code Examples

✗ Vulnerable

// All assets served from origin — no CDN:
<img src="https://myapp.com/images/hero.jpg">
<!-- Every user in Asia hits the EU origin server — 300ms+ latency -->
<!-- With CDN: <img src="https://cdn.myapp.com/images/hero.jpg"> -->
<!-- Served from nearest edge node — 20-50ms -->

✓ Fixed

// Serve static assets via CDN — reduces latency and server load

// Laravel — asset URL via CDN:
// .env: ASSET_URL=https://cdn.yourapp.com
\$url = asset('css/app.css');
// → https://cdn.yourapp.com/css/app.css

// Cache-busting with versioned filenames (Vite/Mix):
// app.abc123.css — changes on each build → CDN fetches fresh copy

// Headers for CDN-cacheable assets:
header('Cache-Control: public, max-age=31536000, immutable'); // versioned files
header('Cache-Control: public, max-age=3600');                 // non-versioned

// Private content — never cache on CDN:
header('Cache-Control: private, no-store');

// CloudFront / Cloudflare / BunnyCDN origins point to your PHP server
// CDN serves 95%+ of static requests — PHP handles API only

References

↗ https://developer.mozilla.org/en-US/docs/Glossary/CDN