The anti-leech function uses the HTTP Referer header to track the sources of requests and verify the requests. You can control the access to CDN resources by configuring a Referer blacklist or whitelist to identify and filter visitors.
Currently, the anti-leech function supports both the blacklist and whitelist. After a visitor initiates a request to access CDN resources, the CDN node authenticates the visitor against the blacklist or whitelist. If the visitor is in the blacklist, the request is rejected and error code 403 is returned.
- This function is optional and is disabled by default.
- To enable this function, edit the Referer Blacklist or Referer Whitelist. The Referer Blacklist and Whitelist are mutually exclusive. You can choose only one of them.
- You can allow requests with an empty Referer header to access the CDN resources. This means that you can allow visitors to directly access CDN resources by entering URLs in a web browser’s address bar).
- After you enable this function, wildcard domain names are supported. For example, you can enter
example.comto include all
- If you disallow requests with an empty Referer header, be sure to configure HTTPS secure acceleration and enable force HTTPS redirect (HTTP to HTTPS). Some browsers remove the Referer header when processing HTTPS requests, resulting in access failure.
- The blacklist and whitelist only work for enabled domain names, but not disabled domain names.
Go to the Domain Names page, select the target domain name, and click Configure.
- For each CDN domain for VOD, the Referer blacklist or whitelist can contain a maximum of 100 entries.
- When the Referer Whitelist is enabled, you must manually add
alicdn.comto it to ensure that videos and images in the console can be displayed properly.