Checks whether URL signing is enabled for each domain name accelerated by Alibaba Cloud CDN (CDN). If so, the evaluation result is compliant.
Scenarios
By default, the content distributed by CDN is publicly available. Users can access the content by using URLs. If you want to prevent your resources from hotlinking and unauthorized access, you can use Referer whitelist and blacklist, IP whitelist and blacklist, and URL signing to regulate access control. URL signing adds signature strings and timestamps to URLs to enhance access control.
Risk level
Default risk level: high.
When you configure this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
If URL signing is enabled for each domain name accelerated by CDN, the evaluation result is compliant.
Rule details
Item | Description |
Rule name | cdn-domain-aliauth-enabled |
Rule ID | |
Tag | CDN |
Automatic remediation | Not supported |
Trigger type | Configuration change |
Supported resource type | ACS::CDN::Domain |
Input parameter | None |
Non-compliance remediation
Enable URL signing for each domain name accelerated by CDN. For more information, see Configure URL signing.