You can use Referer-based hotlink protection, URL signing, remote authentication, IP blacklists and whitelists, and User-Agent blacklists and whitelists to recognize and filter user requests. These features regulate access to Alibaba Cloud CDN and improve service security.
You can use the following features to implement access control.
| Feature | Description |
|---|---|
| Configure a Referer whitelist or blacklist to enable hotlink protection | Allows you to configure a Referer whitelist or blacklist to recognize and filter user requests. This feature regulates access to Alibaba Cloud CDN and protects your websites from hotlinks. |
| Configure URL signing | Allows origin servers to authenticate requests based on signatures. URL signing supports custom signature strings and timestamps, and protects origin servers from unauthorized access. Compared with Referer-based hotlink protection, URL signing provides enhanced protection and is suitable for protecting security-sensitive files. |
| Configure remote authentication | Remote authentication is similar to URL signing. Both are used to protect resources from unauthorized access. Only authorized requests can retrieve resources from Alibaba Cloud CDN. URL signing is performed by CDN edge nodes, whereas remote authentication is performed by authentication servers, which can be specified by you. |
| Configure an IP blacklist or whitelist | Allows you to configure an IP whitelist or blacklist to recognize and filter user requests. This feature regulates access to Alibaba Cloud CDN and prevents security issues such as IP theft and attacks. |
| Configure a User-Agent blacklist or whitelist | A user agent identifies a client. You can configure a User-Agent blacklist or whitelist to recognize and filter user requests. Only authorized clients have access to your resources. |