To control the source of access to your business resources, you can use the referer hotlink protection feature in Tencent Cloud CDN.
By configuring an access control policy on the value of the referer field in the HTTP request header, you can control the access source to prevent hotlinking by malicious users.
Log in to the CDN console, select Domain Management on the left sidebar, and click Manage on the right of a domain name to enter its configuration page. Open the Access Control tab to see the Hotlink Protection Configuration section. It is disabled by default.
Toggle on the switch, select a hotlink protection type, tick Allow blank referer as needed, enter an IP or domain name in the input box, and click OK.
Referer blocklist:
Referer allowlist:
Configuration limitations:
www.abc.com
is configured, then www.abc.com/123
will be matched, but www.abc.com.cn
will not; if 127.0.0.1
is configured, then 127.0.0.1/123
will be matched.*.qq.com
is configured, then both www.qq.com
and a.qq.com
will be matched.You can toggle off the switch to disable this feature. When the switch is off, this feature does not take effect in the production environment even if there is an existing configuration. If you toggle the switch on, the configuration will take effect across the entire network after the action is confirmed.
If your acceleration domain name is configured for global acceleration and you want to configure acceleration in and outside the Chinese mainland with different referer hotlink protection settings, you can click Add Special Configuration.
Note:
Currently, region-specific configuration items cannot be deleted once added but can be disabled.
If the hotlink protection configuration of the acceleration domain name www.test.com
is as follows:
Then the actual access will be as follows:
1.1.1.1
, which matches the allowlist configured for the Chinese mainland, then the requested content will be directly returned.
Was this page helpful?