Last updated: 2020-03-19 21:49:15PDF
Configure the scene
In general, the content distributed on CDN defaults to public resources, and users can use Access after they get the URL. In order to prevent malicious users from stealing your content for profit, in addition to Access control strategies such as referer Blacklist/Whitelist, IP Blacklist/Whitelist, IP Access frequency limit, you can also protect against theft by setting advanced timestamp authentication.
After configuring timestamp and Hotlink protection Prevent hotlinking, the client needs to calculate the signature according to the configuration and carry it to the server when initiating the request, and the CDN node verifies it at the server end, and then pass continues after the verification is passed.
Login CDN console Select "Domain name Management" in the menu bar, and click "manage" on the right side of the domain name to enter the domain name configuration page. You can see the authentication configuration in "Security configuration". By default, authentication configuration is disabled.
1. Change Settings
CDN provides four authentication signature calculation methods for you to choose from. You can also view different authentication modes and the final results after configuration through the [Authentication Calculator] above. For more information on the algorithm, please see the specific algorithm description document /
2. Turn off configuration
You can use the authentication configuration switch to close the configuration with one button. When the switch is off, the network will not take effect even if the configuration exists below. The next time you click enable, the configuration will be confirmed twice in advance. It will not take effect from publish to entire network immediately.
3. Regional special configuration
If your accelerated domain name service region is global acceleration, and you want to make different authentication configurations for domestic and overseas acceleration regions, click add Special configuration below configuration to set it.
After the zone special configuration is added, it cannot be deleted directly for the time being. You can disable it by turning off the configuration.
If the domain name
cloud.tencent.com For a globally accelerated domain name, the authentication configuration is as follows.
The actual effective scenarios are as follows:
- Actual Access resources of users in China
http://cloud.tencent.com/1.jpgThe request can be initiated directly.
- Actual Access resources for users outside China
http://cloud.tencent.com/1.jpgThe request URL format is