Help & Documentation>Content Delivery Network>Scenario Teaching>Hotlink protection

Hotlink protection

Last updated: 2025-01-02 10:36:42

On this page:

Business Scenario

To prevent high traffic caused by URL resource abuse, use hotlink protection to encrypt resources and prevent abuse.

Specific Requirements

Test URL: http://www.qcdntest.cn/test.jpg. Hotlink protection allowlist: test.qcdntest.cn. Empty referer option: Do not allow empty referer access;

Configuration Steps

1. In the console menu bar, select Domain Management, click Management on the right side of the domain to enter the domain configuration page, and find hotlink protection configuration in Access Control. By default, the authentication configuration is disabled:


2. Turn on the configuration status, and a configuration box will pop up to enter the configuration items.



3. Configure hotlink protection blocklist or allowlist For example, add test.qcdntest.cn to the allowlist.




Test Verification

This test uses the hotlink protection allowlist mode for verification. For tests in other modes, refer to the above steps for configuration. Test URL: http://www.qcdntest.cn/test.jpg Hotlink protection allowlist: test.qcdntest.cn Empty referer option: Do not allow empty referer access.

Verification Scenario One

Test empty referer access and verify the returned result. Execute command:
curl  http://www.qcdntest.cn/test.jpg -i



Return 403 status code, the configuration of not allowing empty referer access takes effect.

Verifying Scenario Two

Access with allowlist referer and verify the returned result. Execute command:
curl -e http://test.qcdntest.cn http://www.qcdntest.cn/test.jpg -i



Return 200 status code, the allowlist configuration takes effect.

Verifying Scenario Three

Access with non-allowlist referer and verify the returned result. Execute command:
curl -e http://test-test.qcdntest.cn http://www.qcdntest.cn/test.jpg -i



Return 403 status code, non-allowlist referer access denied.
中国站 - English