tencent cloud

Feedback

Referer Configuration

Last updated: 2024-06-18 14:44:09
    You can set referer blocklist/allowlist and rules to block/allow playback requests so as to protect live streaming content. You can also choose whether to allow empty referer.

    How to Configure

    Referer URL is based on the HTTP protocol. CSS uses the referer field in an HTTP request to identify the source and verify the request, and then determine whether to accept or reject the request.

    Notes

    Referer information is included in HTTP requests. Therefore, referer configuration is ineffective for non-HTTP (such as RTMP, WebRTC, QUIC) requests. If you want to restrict the access of RTMP requests so as to prevent malicious users from bypassing referer hotlink protection through RTMP pull, perform configurations in the protocol disablement settings.
    Enabling, disabling, or modifying the referer takes effects in 15-20 minutes after the configuration. You don't need to push streams again.
    The referer hotlink protection feature verifies the referer information in the header of an HTTP request so as to check whether the request is valid and allow or reject live streaming accordingly. However, there may be cases where a forged referer bypasses the verification to hotlink the service. Therefore, we recommend you not strongly rely on referer for content protection.

    Prerequisites

    You have activated the CSS service and logged in to the CSS console.

    Enabling Referer

    1. Select Domain Management, and click the target playback domain or click Manage on the right to enter the domain management page.
    
    
    
    2. In Access Control > Referer Configuration, click
    
    to enable Referer Hotlink Protection.
    
    
    
    3. And configure as follows:
    
    
    
    Configuration Item
    Description
    Referer Type
    Select Blocklist or Allowlist as the referer type.
    You cannot select both of them,
    When the referer allowlist is configured, request sources on the list will be allowed to access the live streaming content while those not on the list will be blocked.
    When the referer blocklist is configured, request sources on the list will be blocked to access the live streaming content while those not on the list will be allowed.
    Allow Empty Referer
    When this feature is enabled, access will be allowed for HTTP requests with empty or no referer field. Users can access the live stream URL directly via browsers.
    When this feature is disabled, requests with empty referer will be rejected.
    Referer Patterns
    You can enter up to 100 patterns. Please separate them with line breaks, Do not leave empty rows or enter semicolons(;).
    You can enter IPs or domain names. The field supports path prefixes (domain names and IPs) and wildcards (domain names) for match. For example:
    If you enter 101.1.0.1 and www.test.com,the configuration will take effect for both 101.1.0.1/157 and www.test.com/tencent.
    If you enter *.test.com, the configuration will take effect for both www.test.com and a.test.com.
    If you enter no referer pattern, the blocklist/allowlist is not configured.
    4. Click Save to save the configuration.

    Modifying Referer

    1. Select Domain Management, and click the target playback domain or click Manage on the right to enter the domain management page.
    
    
    
    2. In Access Control > Referer Configuration, click Edit to enter the referer configuration page.
    3. Modify the configuration items and click Save.
    
    
    

    Disabling Referer

    After enabling the referer, you can disable it by performing the following steps:
    1. Select Domain Management, and click the target playback domain or click Manage on the right to enter the domain management page.
    
    
    
    2. In Access Control > Referer Configuration, click
    
    to disable the referer.
    
    
    
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support