How to defend against Account Takeovers
Learn about account takeover threats, protection strategies, and detection methods to secure your digital accounts and prevent unauthorised access.
Content served by a webserver can be broadly broken into two categories, static, and dynamic.
Static Content
Static content is delivered to the end user without being generated or processed. The content is stored on the webserver in the form of a file and that same file is delivered to every user. Traditionally a CDN would only store and serve the static content of a website.
Examples of content that is usually, but not always, static are images, videos, CSS files, Javascript files, PDFs, etc. Website pages may also be static, you may have heard of 'static site generators' that will write out a website as static files. Since there is no processing involved on the server static content is very fast to deliver.
Dynamic Content
Conversely, dynamic content is generated by the server for every request, often involving several database queries and considerable code execution. The content served may vary depending on several factors, such as the user's behaviour and location. Examples of this could be a slightly different page being presented whether a user is logged into a website or not, has added items to their shopping cart, selected options on the website, or has engaged with some marketing.
Caching Dynamic Content
Most modern websites are built with Content Management Systems (CMS) like WordPress, Shopify, Magento, or Drupal. CMS systems generate pages for every request, making them 'dynamic', but without necessarily changing the content, or only very rarely changing.
Similarly, API calls might return the same information if the same input is supplied. This creates an opportunity to cache this content saving the server from generating the content for every request.
To cache dynamic content a request is made that generates the requested output, be it an HTML page, image, JSON, etc. The output is then stored as a static file, or kept in memory, this static response is then served for every request until it either expires or is purged. Upon expiry, or a purge event (purge events might purge by URL or cache tag, the server is asked to regenerate the content which is then again stored as a static file. Caching dynamic content can dramatically improve load times and cut server utilisation.
Caching can happen on the same server as the main server, as is the cache for many optimising Wordpress plugins, or distributed globally on a CDN, as is the case with Peakhour.
Related Articles
What is an Account Takeover?
An overview of Account Takeover Attacks
AI Crawler User Agents
A practical reference for common AI crawler user agents, operators, purposes, and recommended Peakhour bot-management actions.
AI For Cybersecurity
AI For Cybersecurity explains the concept in the context of AI security, with practical checks and mitigation considerations for site operators.
AI Image Generation
AI Image Generation explains the concept in the context of AI security, with practical checks and mitigation considerations for site operators.
AI Misuse
AI Misuse explains the concept in the context of AI security, with practical checks and mitigation considerations for site operators.