Checks whether Referer-based hotlink protection is enabled for each domain name accelerated by Alibaba Cloud CDN (CDN). If so, the evaluation result is compliant.
Scenarios
Referer-based hotlink protection identifies and filters user identities based on the Referer header in requests to implement access control and prevent unauthorized access. After you configure a Referer whitelist or blacklist, CDN allows or blocks requests based on user identities. If a request is allowed, CDN returns the URL of the requested resource. If a request is blocked, CDN returns the HTTP 403 status code.
Risk level
Default risk level: low.
When you configure this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
If Referer-based hotlink protection is enabled for each domain name accelerated by CDN, the evaluation result is compliant.
Rule details
Item | Description |
Rule name | cdn-domain-referer-enabled |
Rule ID | |
Tag | CDN |
Automatic remediation | Not supported |
Trigger type | Configuration change |
Supported resource type | ACS::CDN::Domain |
Input parameter | None |
Non-compliance remediation
Enable Referer-based hotlink protection for each domain name accelerated by CDN. For more information, see Configure a Referer whitelist or blacklist to enable hotlink protection.