Referer Validation
You can set a referer blacklist or whitelist to identify and filter out values of the Referer header in HTTP requests, controlling access sources.
Background
The Referer header identifies the address of the web page from which the resource has been requested. CDN PoPs can use this header to trace and identify the source.
When receiving access requests from users, the CDN PoPs identify and check users against the referer blacklist or whitelist. Only users meeting blacklist and whitelist requirements can access the content. Unqualified users will receive a 403 error response.
Constraints
- This function is disabled by default.
- Either a referer blacklist or whitelist can be configured.
Procedure
- Log in to Huawei Cloud console. Choose .
The CDN console is displayed.
- In the navigation pane, choose .
- In the domain list, click the target domain name or click Configure in the Operation column.
- Click the Access Control tab.
- In the Referer Validation area, click Edit. The Configure Referer Validation dialog box is displayed.
Figure 1 Configuring referer validation
- Switch on Status to enable this configuration item.
- Select a value for Type and set referer parameters based on service requirements. The following table describes the parameters.
- In the Rule text box, enter the domain names.
- Click OK.
- (Optional) Disable referer validation.
- Switch off Status to disable referer validation and clear all referer validation settings. You need to set related parameters when enabling this function again.
Examples
- Assume that a referer whitelist www.test.com is configured for the domain name www.example.com and Include blank referer is selected.
- If user 1 requests the URL https://www.example.com/file.html and the value of the referer field in the request is blank, CDN returns the content.
- If user 2 requests the URL https://www.example.com/file.html and the value of the referer field in the request is www.test.com, CDN returns the content.
- If user 3 requests the URL https://www.example.com/file.html and the value of the referer field in the request is www.abc.com, CDN returns a 403 error response code.
- Assume that a referer blacklist www.test01.com is configured for the domain name www.example01.com and Include blank referer is selected.
- If user 1 requests the URL https://www.example01.com/file.html and the value of the referer field in the request is blank, CDN returns a 403 error response code.
- If user 2 requests the URL https://www.example01.com/file.html and the value of the referer field in the request is www.test01.com, CDN returns a 403 error response code.
- If user 3 requests the URL https://www.example01.com/file.html and the value of the referer field in the request is www.bcd.com, CDN returns the content.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.