Checks whether Referer-based hotlink protection is enabled for CDN domain names. If enabled, the resource is compliant.
Scenarios
Referer-based hotlink protection uses the Referer header in HTTP requests to control access and prevent unauthorized use of resources. After you configure a Referer whitelist or blacklist, CDN allows or blocks requests based on the Referer header. Allowed requests return the resource URL; blocked requests return HTTP 403.
Risk level
Default risk level: low.
You can change the risk level when you configure this rule.
Compliance evaluation logic
A CDN domain name is compliant if Referer-based hotlink protection is enabled.
Rule details
|
Item |
Description |
|
Rule name |
cdn-domain-referer-enabled |
|
Rule ID |
|
|
Tag |
CDN |
|
Automatic remediation |
Not supported |
|
Trigger type |
Configuration change |
|
Supported resource type |
ACS::CDN::Domain |
|
Input parameter |
None |
Non-compliance remediation
Enable Referer-based hotlink protection for each CDN domain name. Configure a Referer whitelist or blacklist to enable hotlink protection.