When you send a resource access request from a client, if CDN cannot find the resource on the CDN node, it retrieves the resource from the origin and then loads the resource to the CDN node. You can configure back-to-origin functions to accelerate access to CDN resources.

CDN supports the following back-to-origin functions.
Function Description
Configure an origin host Allows you to specify the domain type of the origin host for CDN nodes retrieving resources from the origin.
Configure an origin protocol Allows you to configure an origin protocol policy for retrieving resources from the origin to CDN nodes when CDN cannot find the resources on CDN nodes.
Enable private bucket back-to-origin authentication Allows you to use private Object Storage Service (OSS) buckets as origins in order to prevent resource hotlinking.
Disable private bucket back-to-origin authentication You can log on to the RAM console and remove authorization from a specified role to disable private bucket access.
Back-to-origin SNI If CDN nodes access your origin over HTTPS and your origin IP address is bound to multiple domain names, then you must select a domain name for CDN by specifying the Server Name Indication (SNI) of the domain name.
Customize an origin HTTP header If you configure CDN to use HTTP to communicate with your origin, you can add or remove HTTP header fields.
Set the origin request timeout period The default timeout period for a resource request sent from a CDN node to an origin is 30 seconds. You can customize the timeout period. If the CDN node does not receive any response before the timeout period expires, the CDN node disconnects from the origin.