All Products
Search
Document Center

ApsaraVideo VOD:Use domain-based access control

Last Updated:Jul 01, 2024

After you configure an accelerated domain name in ApsaraVideo VOD, you can configure Referer-based hotlink protection, User-Agent blacklist or whitelist, IP address blacklist or whitelist, URL signing, and remote authentication for the accelerated domain name to identify and filter visitors. This way, you can control access to ApsaraVideo VOD resources.

Configure Referer-based hotlink protection

ApsaraVideo VOD supports Referer-based hotlink protection. You can configure a Referer blacklist or whitelist to identify and filter users. This helps you control access to resources and improve the security of resources in ApsaraVideo VOD. For more information, see Configure a Referer whitelist or blacklist to enable hotlink protection.

Configure a User-Agent blacklist or whitelist

User-Agent is an identifier that contains information about the client that makes the request. You can configure a User-Agent blacklist or whitelist to identify and filter users. This helps you control access to resources and improve the security of resources in ApsaraVideo VOD. For more information, see Configure a User-Agent blacklist or whitelist.

Configure an IP address blacklist or whitelist

ApsaraVideo VOD supports the IP address blacklist or whitelist. You can configure an IP address blacklist or whitelist to identify and filter users. This helps you control access to resources and improve the security of resources in ApsaraVideo VOD. For more information, see IP address blacklist or whitelist.

Configure URL signing

ApsaraVideo VOD supports URL signing. You can configure the encrypted string and timestamp carried in the request to generate a signed URL. When a client accesses a cloud resource by using the signed URL, the system authenticates the request and allows only requests that pass the authentication. For more information, see Configure URL signing.

Configure remote authentication

Remote authentication is similar to URL signing. Both are used to protect resources from unauthorized access. Only authorized users can retrieve resources from POPs. If you use URL signing, the points of presence (POPs) complete the signing process. If you use remote authentication, you must build a self-managed authentication server. After POPs receive client requests, the requests are redirected to the specified authentication server. For more information, see Remote authentication.

References

Add a domain name for CDN