Updated on 2026-01-30 GMT+08:00

Restricting Malicious Client Requests Using the Rules Engine

Background

Malicious users uploaded HTML files disguised as image files to the website www.example.com and used them for traffic redirection, so that requests were diverted to illegal websites. This risk can be mitigated with the CDN rules engine.

Solution Overview

The website's origin server is an OBS bucket. The Content-Type header in the object metadata is set to text/html, which allows users to request HTML files.

This solution uses the CDN rules engine so that clients can open only image files. When a client requests a file in an image format, the rules rewrite the origin request headers and the HTTP response headers, which prevents redirection to illegal websites.
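The CDN rule limits what clients can open, but the disguised objects remain in the bucket. The following Python check is an added example, not part of the original guide or any vendor tooling: it flags objects that have an image extension but whose stored Content-Type or leading bytes are not those of an image. The object keys, metadata and bytes are constructed sample data, and the function names are hypothetical; listing and reading objects from OBS is left to the caller.

```python
import os

# Magic-byte prefixes for common image formats, keyed by file extension.
IMAGE_MAGIC = {
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".jpg": [b"\xff\xd8\xff"],
    ".jpeg": [b"\xff\xd8\xff"],
    ".gif": [b"GIF87a", b"GIF89a"],
    ".bmp": [b"BM"],
}
# Tokens that indicate markup at the start of a file.
HTML_MARKERS = (b"<!doctype", b"<html", b"<head", b"<body", b"<script", b"<meta", b"<iframe")


def audit_object(key, content_type, head):
    """Return findings for one object; an empty list means it looks like a real image."""
    ext = os.path.splitext(key)[1].lower()
    if ext not in IMAGE_MAGIC:
        return []  # only image-named objects are in scope
    findings = []
    ctype = (content_type or "").split(";")[0].strip().lower()
    if not ctype.startswith("image/"):
        findings.append(f"metadata Content-Type is {ctype or 'missing'}")
    if not any(head.startswith(magic) for magic in IMAGE_MAGIC[ext]):
        findings.append("leading bytes do not match extension")
    if head.lstrip().lower().startswith(HTML_MARKERS):
        findings.append("content starts with HTML markup")
    return findings


def audit_inventory(items):
    """Map each suspicious key to its findings; clean objects are omitted."""
    return {key: f for key, ctype, head in items if (f := audit_object(key, ctype, head))}


# Constructed sample inventory: (key, Content-Type metadata, first bytes of the object).
SAMPLE = [
    ("img/logo.png", "image/png", b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR"),
    ("img/banner.jpg", "text/html", b"<html><body>"),
    ("img/photo.gif", "image/gif", b"  <!DOCTYPE html><script>"),
    ("docs/index.html", "text/html", b"<!DOCTYPE html>"),
]

if __name__ == "__main__":
    for key, findings in audit_inventory(SAMPLE).items():
        print(key, "->", "; ".join(findings))
```

Only the first few bytes of each object are needed, so a ranged read per object is enough when running this over a large bucket.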

Resources and Costs

The following table lists the resources required for this practice.

| Resource | Description | Monthly Price |
| --- | --- | --- |
| CDN | Traffic: traffic generated when users access CDN PoPs. You can purchase traffic packages to offset it. | For billing details, see Billing. |
| OBS | Traffic: outgoing Internet traffic generated when CDN pulls content from OBS, billed in pay-per-use mode. If you set the origin server type to OBS bucket and select a bucket of version 3.0 or later, you can purchase pull traffic packages to offset the traffic. | For details about OBS billing modes and standards, see Billing. |

Procedure

  1. Log in to the CDN console.
  2. In the navigation pane, choose Domains.
  3. In the domain list, click the target domain name or click Configure in the Operation column.
  4. Click the Rules Engine tab and click Create Rule.
  5. Set the parameters shown in the following figure based on the service scenario.
    Figure 1 Rule configuration