You can configure a User-Agent blacklist or whitelist to authenticate and authorize visitors. This can restrict access to Dynamic Route for CDN (DCDN) resources and improve DCDN security. This topic describes how to configure a User-Agent blacklist or whitelist.

Background information

If you need to implement access control based on the User-Agent field, you must configure a User-Agent blacklist or whitelist to filter requests.
  • User-Agent blacklist: The User-Agent fields on the blacklist cannot be used to access resources.

    If your User-Agent field is added to the blacklist, a request with the User-Agent field can still be sent to a DCDN node. However, the DCDN node will reject the request and return a 403 error. Requests that contain the blacklisted User-Agent fields are still recorded in DCDN logs.

  • User-Agent whitelist: Only User-Agent fields on the whitelist can be used to access resources.

Procedure

  1. Log on to the Dynamic Route for CDN console.
  2. In the left-side navigation pane, click Domain Names.
  3. On the Domain Names page, find the target domain name and click Configure.
  4. In the left-side navigation pane of the specified domain, click Access Control.
  5. Click the User-Agent Black/White list tab.
  6. On the User-Agent Black/White list tab, click Modifying the configuration.
  7. Configure a blacklist or whitelist as prompted.
    Parameter Description
    Type
    The following two types are supported:
    • Blacklist

      The User-Agent fields on the blacklist cannot be used to access the current accelerated domain.

    • Whitelist

      Only User-Agent fields on the whitelist can be used to access the current accelerated domain.

    The blacklist and whitelist are mutually exclusive. The most recent configuration takes effect.

    Rules When you configure the User-Agent fields, separate multiple values with vertical bars (|). The User-Agent field can contain wildcards (*). Example: *curl*|*IE*|*chrome*|*firefox*
    User-Agent Black/White list
  8. Click OK.