Referer Configuration

Last updated: 2021-11-09 09:37:47

    You can set referer blocklist/allowlist and rules to block/allow playback requests so as to protect live streaming content. You can also choose whether to allow empty referer.

    How to Configure

    Referer URL supports HTTP protocol. CSS uses the referer field in an HTTP request to identify the source and verify the request, and then determine whether to accept or reject the request.

    Note

    • Referer information is included in HTTP requests. Therefore, referer configuration is ineffective for non-HTTP (such as RTMP, WebRTC, QUIC) requests. If you want to restrict the access of RTMP requests, please submit a ticket.
    • Enabling, disabling, or modifying the referer takes effects in 15-20 minutes after the configuration. You don't need to push again.
    • The referer hotlink protection feature verifies the referer information in the header of an HTTP request so as to check whether the request is valid and allow or reject live streaming accordingly. However, there may be cases where a forged referer bypasses the verification to hotlink the service. Therefore, we recommend you not strongly rely on referer for content protection.

    Prerequisites

    Enabling Referer

    1. Select Domain Management, click the target playback domain or click Manage on the right to enter the domain management page.
    2. In Access Control > Referer Configuration, click Edit to enter the referer configuration page.
    3. Click to enable the referer and configure as follows:
      Configuration ItemDescription
      Referer Type Select Blocklist or Allowlist as the referer type.
      • You cannot select both of them.
      • When the referer allowlist is configured, request sources on the list will be allowed to access the live streaming content while those not on the list will be blocked.
      • When the referer blocklist is configured, request sources on the list will be blocked to access the live streaming content while those not on the list will be allowed.
      Allow Empty Referer
      • When this feature is enabled, access will be allowed for HTTP requests with empty or no referer field. Users can access the live stream URL directly via browsers.
      • When this feature is disabled, requests with empty referer will be rejected.
      Referer Patterns
      • You can enter up to 100 patterns. Please separate them with line breaks.
      • You can enter IPs or domain names. The field supports path prefixes (domain names and IPs) and wildcards (domain names) for match. For example:
        • If you enter 101.1.0.1 and www.test.com, the configuration will take effect for both 101.1.0.1/157 and www.test.com/tencent.
        • If you enter *.test.com, the configuration will take effect for both www.test.com and a.test.com.
      • If you enter no referer pattern, the blocklist/allowlist is not configured.
    4. Click Save to save the configuration.

    Modifying Referer

    1. Select Domain Management, click the target playback domain or click Manage on the right to enter the domain management page.
    2. In Access Control > Referer Configuration, click Edit to enter the referer configuration page.
    3. Modify the configuration items and click Save.

    Disabling Referer

    After enabling the referer, you can disable it by performing the following steps:

    1. Select Domain Management, click the target playback domain or click Manage on the right to enter the domain management page.
    2. In Access Control > Referer Configuration, click Edit to enter the referer configuration page.
    3. Click to disable the referer.
    4. Click Save.