To enhance the security of your origin server, you can obtain the back-to-origin IP addresses of Alibaba Cloud CDN nodes and add them to a whitelist. This ensures that your origin server accepts requests only from Alibaba Cloud CDN.
Alibaba Cloud CDN dynamically assigns IP addresses to nodes for origin fetch, and these IP addresses are not fixed. Therefore, do not configure a fixed list of back-to-origin IP addresses on your origin server. This configuration can cause origin fetch failures.
If you have special requirements, such as security software installed on your origin server, you may need to configure a whitelist. You can call the DescribeL2VipsByDomain operation to retrieve the latest list of back-to-origin IP addresses. Then, add these IP addresses to the whitelist on your origin server to ensure normal access.
Note: Only users with a daily peak bandwidth of 1 Gbps or higher can call this operation. If you meet this requirement, submit a ticket to request the required permission.