CDN detected - MetricSpot docs

What this check does

Looks at the HTTP response headers on the audited URL and identifies the CDN (Content Delivery Network) serving it. This is an informational check — there is no pass/fail. The result tells you whether there’s an edge layer between users and your origin server, and which provider you’re routed through.

Why it matters

A CDN caches your assets in dozens or hundreds of points-of-presence around the world. Users in São Paulo hit a São Paulo edge node, not your origin in Frankfurt. That single layer changes the floor of every performance metric the audit measures:

Server response time — first byte from a nearby PoP, not a transatlantic round trip.
Largest Contentful Paint — hero images and CSS arrive on the same RTT budget.
Lighthouse performance score — every Lab metric improves with edge caching.

A CDN also absorbs DDoS traffic, terminates TLS at the edge, and lets you run logic (auth, redirects, A/B splits) near the user via edge workers. If MetricSpot reports “No CDN detected” and your audience is global, that’s the single highest-leverage infrastructure change you can make.

How to fix it

This check is informational, so the action depends on what was detected.

No CDN detected. Put one in front of your origin. Defaults that work for most sites:

Cloudflare — free tier covers most marketing sites and SaaS landing pages. Best DDoS protection. Detected via Server: cloudflare and the CF-Ray header.
Bunny — cheapest egress for image- and video-heavy sites. Pay-as-you-go, no minimums. Detected via Server: BunnyCDN and CDN-PullZone.
Fastly — fine-grained edge logic via VCL. Strong for publishers and ecommerce that need cache invalidation in milliseconds. Detected via X-Served-By and X-Cache.
AWS CloudFront — natural fit if your origin is on AWS. Detected via X-Amz-Cf-Id and Via: ... cloudfront.net.
Vercel / Netlify Edge — automatic if you deploy on either platform. Detected via X-Vercel-Id / X-Vercel-Cache and Server: Netlify.

CDN detected, but performance is still bad. The CDN is forwarding to your origin without caching. Common causes:

Cache-Control: no-store or private on HTML responses from your origin.
Set-Cookie on every response (some CDNs refuse to cache cookied responses).
Missing Cache-Control headers entirely — Cloudflare won’t cache HTML by default; you need a Page Rule or a Cache-Control: public, max-age=... header.

Check the cache header for hit ratio:

curl -I https://yourdomain.com/ | grep -iE 'cache|cf-cache|x-cache|x-vercel'

HIT means cached at the edge. MISS or DYNAMIC means every request hits your origin — you’re paying for a CDN you’re not using.

Picking between providers. If you’re already on Vercel or Netlify, use their edge — switching costs more than it saves. If you need DDoS protection or run a WordPress / shared-hosting site, Cloudflare. If egress costs dominate (video, large images, software downloads), Bunny. If your engineers want to write edge code as a first-class concern, Fastly or Cloudflare Workers.

Frequently asked questions

Is a CDN worth it for a single-region B2B site?

If 95% of your traffic is in one country and you’re hosted in that country, the CDN’s caching benefit is small — most users are already close to your origin. You still get TLS termination, DDoS protection, and bot filtering, which is worth the free tier on Cloudflare. Skip the paid plans until traffic shape changes.

Does MetricSpot detect CDNs in front of CDNs?

Only the outermost layer — that’s what the visitor’s browser sees. If you have Cloudflare → Fastly → origin, we’ll report Cloudflare. The chained setup is unusual outside large publishers and usually means a migration is in progress; one of them should go.

Will a CDN break my analytics or A/B tests?

No, but it can mask the client IP from your origin logs. CDNs forward the original IP in X-Forwarded-For or CF-Connecting-IP; your application code or analytics tool needs to read that header instead of the TCP source IP. Most server frameworks have a trusted-proxy setting for this — configure it once and IP-based features (geolocation, rate limits) work as expected.