All Products
Search

This Product

    ApsaraVideo Live:Configure hotlink protection

    Document Center

    ApsaraVideo Live:Configure hotlink protection

    Last Updated:Feb 20, 2025

    ApsaraVideo Live allows you to configure hotlink protection based on a Referer blacklist or whitelist. This helps you identify and filter users, prevent unauthorized access, and improve the live streaming security. This topic describes how to enable and use hotlink protection.

    Feature introduction

    Hotlink protection uses the Referer header to trace the sources of HTTP requests. When a user sends a request to a point of presence (POP), the POP verifies the Referer header against the configured Referer whitelist or blacklist. If the request passes the verification, the resource is returned. Otherwise, the HTTP status code 403 is returned.

    Note

    • Hotlink protection is optional. By default, it is disabled.

    • The blacklist and whitelist are mutually exclusive. The list that is configured last takes effect.

    • When you configure a Referer blacklist or whitelist, wildcard domain names can be automatically added. For example, if you enter example.com, the wildcard domain name *.example.com takes effect. This way, all subdomains of example.com are added to the list.

    • You can specify whether to allow requests with an empty Referer header to access your resources. If you allow such requests, users can directly access the resources by entering the URL into the address bar of a browser.

      • In most cases, mobile clients cannot obtain the Referer header. By default, requests with an empty Referer header are allowed. If you do not allow requests with an empty Referer header, you can use ApsaraVideo Player SDK to configure the Referer header for requests on mobile clients.

      • If you do not allow requests with an empty Referer header, you must configure HTTPS secure acceleration to enable forcible redirect and set the Redirect Type parameter to HTTP > HTTPS. Take note that some browsers remove the Referer header when they process HTTPS requests that are sent to access HTTP resources. This causes access failures.

    Procedure

    1. Log on to the ApsaraVideo Live console.

    2. In the left-side navigation pane, click Domain Names. The Domain Management page appears.

    3. Find the streaming domain that you want to configure and click Domain Settings in the Actions column.

    4. Choose Streaming Management > Access Control.

    5. Click the Hotlink Protection tab, and turn on Referer-based Hotlink Protection.

      开启

    6. Specify the Type parameter, add Referers in the Referrers text box, and then click OK.

      配置防盗链

      The following table describes the types of Referer-based hotlink protection.

      Type

      Description

      Blacklist

      Requests from domain names that are included in the blacklist cannot access your resources.

      Whitelist

      Only requests from the domain names that are included in the whitelist can access your resources.