# Kingside Castle (O-O)

{% hint style="info" %}
**IMPORTANT**\
Sygnal's **Kingside Castle** manouvre should only be performed when Sygnal Hyperspeed is already installed on your site.  Otherwise it has only a short-term benefit, since your new asset URLs will be exposed for leeches to re-acquire and update their asset links.&#x20;
{% endhint %}

Goals;

* Disconnect "leeches" who are stealing your content by embedding your live Webflow assets directly in their own site, from Webflow's production CDN URLs, at your own bandwidth expense.&#x20;

Problems;

* Webflow's assets CDN uses a Webflow-owned domain, which means...&#x20;
  * We cannot directly reverse-proxy it
  * We cannot directly block access to it from outside parties
  * We have zero statistics on who is accessing it, or on the referring site&#x20;
  * We have no ability to identify anomalies or implement rules via a WAF&#x20;
* Webflow's assets CDN traffic counts towards your plan limit, so leeches count against your bandwidth quota&#x20;

## Approach

* Setup a Hyperspeed to rewrite all asset URLs
  * Obfuscate them so that the underlying Webflow CDN URL is in-determinable by a viewer&#x20;
  * Cache them, to offload Webflow traffic
  * Optionally, secure them from "simple" leeches
    * via Referrer check

Then, perform the **Kingside Castle**;&#x20;

* Clone your Webflow site
  * Move the plan to the clone
  * Move the domain to the clone
* Unpublish the old site
  * Verify the old asset URLs are now inaccessible&#x20;
* Perform any updates needed for external integrations
  * Apps installs and configurations
  * API key generation&#x20;
  * Automations&#x20;
    * Whalesync
  * Integrations
    * CMS ItemID re-synchronization with external systems
  * etc.

## Results

* All of the original Webflow CDN URLs are now invalid&#x20;
* All of the new Webflow CDN URLs are un-knowable to leeches&#x20;
* All access control is now centralized in Hyperspeed&#x20;
  * Including your Webflow CDN assets&#x20;
* All assets are delivered by cache, so leech traffic no longer impacts your Webflow bandwidth
* Leeches can be further blocked with custom asset routing with Hyperspeed customizations&#x20;
  * Such as a referrer check &#x20;

​