After you configure an accelerated domain name in ApsaraVideo VOD, you can configure Referer-based hotlink protection, User-Agent blacklist or whitelist, IP address blacklist or whitelist, URL signing, and remote authentication for the accelerated domain name to identify and filter visitors. This way, you can control access to ApsaraVideo VOD resources.
Configure Referer-based hotlink protection
ApsaraVideo VOD supports Referer-based hotlink protection. You can configure a Referer blacklist or whitelist to identify and filter users. This helps you control access to resources and improve the security of resources in ApsaraVideo VOD. For more information, see Configure a Referer whitelist or blacklist to enable hotlink protection.
Configure a User-Agent blacklist or whitelist
User-Agent is an identifier that contains information about the client that makes the request. You can configure a User-Agent blacklist or whitelist to identify and filter users. This helps you control access to resources and improve the security of resources in ApsaraVideo VOD. For more information, see Configure a User-Agent blacklist or whitelist.
Configure an IP address blacklist or whitelist
ApsaraVideo VOD supports the IP address blacklist or whitelist. You can configure an IP address blacklist or whitelist to identify and filter users. This helps you control access to resources and improve the security of resources in ApsaraVideo VOD. For more information, see IP address blacklist or whitelist.
Configure URL signing
ApsaraVideo VOD supports URL signing. You can configure the encrypted string and timestamp carried in the request to generate a signed URL. When a client accesses a cloud resource by using the signed URL, the system authenticates the request and allows only requests that pass the authentication. For more information, see Configure URL signing.
Configure remote authentication
Remote authentication is similar to URL signing. Both are used to protect resources from unauthorized access. Only authorized users can retrieve resources from POPs. If you use URL signing, the points of presence (POPs) complete the signing process. If you use remote authentication, you must build a self-managed authentication server. After POPs receive client requests, the requests are redirected to the specified authentication server. For more information, see Remote authentication.