To control the source of access to your business resources, you can use the referer hotlink protection feature in Tencent Cloud CDN.
By configuring an access control policy on the value of the referer field in the HTTP request header, you can control the access source to prevent hotlinking by malicious users.
Log in to the CDN Console, select Domain Management on the left sidebar, and click Manage on the right of the domain name to enter its configuration page. Under the Access Control tab, find the hotlink protection configuration, which is disabled by default:
Switch to select the hotlink protection type, enter the corresponding information, select whether to allow blank referer, and click OK to enable hotlink protection.
www.abc.comis configured, then
www.abc.com/123will be matched, but
www.abc.com.cnwill not; if
127.0.0.1is configured, then
127.0.0.1/123will be matched.
*.qq.comis configured, then both
a.qq.comwill be matched.
You can switch to disable the hotlink protection feature. When the switch is off, this feature will not take effect in the production environment even if there is an existing configuration. If the switch is on, a message will be displayed to confirm whether to enable this feature before the configuration takes effect across the entire network.
If your acceleration domain name is configured for global acceleration and you want different referer hotlink protection configurations for acceleration in and outside of Mainland China, click Add Special Configuration.
After a region-specific configuration item is added, it cannot be directly deleted for the time being. You can only disable it.
Suppose the hotlink protection configuration of the acceleration domain name
www.test.com is as follows:
The actual access status will be as follows:
184.108.40.206initiates a request, the allowlist configured for Mainland China will be hit and the requested content will be directly returned.