Hotlink Protection

Last update:2023-05-25 15:13:52

• Entrance
Product → Configuration → Edit Configuration → Hotlink Protection

• Introduction
With this configuration, there are six functions for Hotlink Protection Settings.

Parameter  Description
Referrer Anti-Hotlinking Config a referrer-based-filtering policy to allow/deny access requests with certain referrer headers.
IP Blacklist/Whitelist Anti-Hotlinking Config a IP blacklist/whitelist-filtering-policy to allow/deny access requests with certain IP addresses.
Cookie Anti-Hotlinking Config a cookie-based-filtering policy to allow/deny access requests with certain cookie keywords.
UA Header Anti-Hotlinking  Config a UA-based-filtering policy to allow/deny access requests with certain user-agent headers.
Customized Header Anti-Hotlinking Config a UA-based-filtering policy to allow/deny access requests with customized HTTP headers.
Comprehensive Anti-Hotlinking  Currently configured complex filter policy that cannot be modified by itself.

Except for Comprehensive Anti-Hotlinking, all functions are used for creating hotlink protection rules at each specific features, including:

Parameter  Description
All Requests
Meaning all requests to this domain follow the same caching rules on CDN nodes.
Only Homepage
Meaning only requests to root domain like https://domain/ follow the same caching rules.
Specified File Type
Meaning the specified file types configured follow the same caching rules. CDNetworks lists the commonly used types for selection or you can enter file types on your own.
Specified URI
Meaning only the requests to certain URLs that you configured will follow the same caching rules.
Specified Directory
Meaning only the requests to certain directories that you configured follow the same caching rules.
URL Patter
Meaning the requests to the resources that meet the URL patterns you’ve configured will follow the same caching rules.

1 Referrer Anti-Hotlinking

• Entrance
Product → Configuration → Edit Configuration → Hotlink Protection → Referrer Anti-Hotlinking

• Introduction
This function is to configure referrer header information based filtering to allow user access or to disallow invalid access

• Guides for operations

For a quick and simple setup, you can use Quick Configuration. In this tab, only neccessary fields need to be configured and other fields will use default values directly.

To do a complete and more customized configuration, please click on Add button to go to detail page.

You need to confirm all information that you change, then choose Pre-deployment or Deploy Now for next step which will take 3 to 5 minutes.

2 IP Blacklist/Whitelist Anti-Hotlinking

• Entrance
Product → Configuration → Edit Configuration → Hotlink Protection → IP Blacklist/Whitelist Anti-Hotlinking

• Introduction
This function is to configure IP filtering to allow user access or to disallow dangerous access by IP , IP segment or region

•Guides for operations

In order to avoid dangerous actions like hostile attack. If some IP or IP segment are not allowed to access to specific URL, you could choose an action between deny and redirect in advance config.
Fill the column name ‘Forbidden IP/IP Segment’ to forbid them.
If just some IP/IP segments are allow to visit, you need to fill column ‘Exception IP/IP Segment’ with '0.0.0.0/0’, then fill the column name Exception IP/IP Segment with what you want.

You need to confirm all information that you change, then choose Pre-deployment or Deploy Now for next step which will take 3 to 5 minutes.

3 Cookie Anti-Hotlinking

• Entrance
Product → Configuration → Edit Configuration → Hotlink Protection → Cookie Anti-Hotlinking

• Introduction
This function is to configure cookie based filtering to allow user access or to disallow invalid access .

• Guides for operations

In order to avoid invalid, if some cookie or null cookie are not allowed to access to specific URL, you could choose an action between deny and redirect in advance config.
Fill the column Cookie Type , Cookie name and Action : ‘Deny’ to forbid them.

You need to confirm all information that you change, then choose Pre-deployment or Deploy Now for next step which will take 3 to 5 minutes.

Examples
Assume that a domain was configured as below.

User with no cookie don’t access the site and CDN nodes respond with code 403 by CDN node.
User with cookie: Agree-Privacy-Policy will get a response from the URL redirected by configured rule when users tries to visit front page. Request for Other pages will be normal.

4 UA Anti-Hotlinking

• Entrance
Product → Configuration → Edit Configuration → Hotlink Protection →UA Anti-Hotlinking

• Introduction
This function is to configure user-agent based filtering to allow user access or to disallow invalid access

• Guides for operations

In order to avoid invalid, if some access with user-agent are not allowed to access to specific URL, you could choose an action between deny and redirect in advance config.
Fill the column Client Type , Allow Client and Action : ‘Deny’ to forbid them.

You need to confirm all information that you change, then choose Pre-deployment or Deploy Now for next step which will take 3 to 5 minutes.

5 Customized Header Anti-Hotlinking

• Entrance
Product → Configuration → Edit Configuration → Hotlink Protection → Customized Header Anti-Hotlinking

• Introduction
This function is to configure Customized Header based filtering to allow user access or to disallow invalid access .

• Guides for operations

You need to confirm all information that you change, then choose Pre-deployment or Deploy Now for next step which will take 3 to 5 minutes.

• Examples
Assume that a domain was configured as below.

User with no Customized-Header:X-Auth doesn’t access the site and CDN nodes respond with code 403 by CDN node.
User with Customized-Header:X-Auth will get a response from the URL redirected by configured rule when users tries to visit front page. Request for Other pages will be normal.

6 Comprehensive Anti-Hotlinking

• Entrance
Product → Configuration → Edit Configuration → Hotlink Protection → Comprehensive Anti-Hotlinking

• Introduction
This function let you read only the configuration of comprehensive Anti-Hotlinking function.
CDNetworks technical staff can help you to configure complex filtered rules hat cannot be modified by yourself.

• Guides for operations
At the entrance, you can read the complex configurations to filter anti-hotlinking conditions.

Is the content of this document helpful to you?
Yes
I have suggestion
Submitted successfully! Thank you very much for your feedback, we will continue to strive to do better!