Access Protecton

On the Access Protection tab (access settings), you can restrict certain users from accessing your content via CDN.

Open

Access and Protection Settings

To enable or disable any of the protection settings, move the corresponding switch to the active or inactive position. The status of each setting, On or Off, is displayed to the right of its name.

Referrer check

Referrer settings: Here you can specify a list of domains that will be automatically allowed / denied access to this resource.

When using the “white” list, you can limit traffic for requests with a missing referrer. Your custom domains will automatically have access.

Empty, firewall or proxy wiped referrers, are allowed by default. You can overwrite this behavior by enabling blocking by the appropriate settings on the Allowlist tab highlighted below:

For Google subdomain referrers (google.* and *.google.com), you can use wildcard value.

Regional limitation

Country protection parameter: зhere you can specify a list of countries for which your content will be available (Allowlist) or a list of countries whose users will not be allowed to access the content (Blocklist). To do this, select all required countries from the drop-down list.

Depending on whether you want to set a blacklist or whitelist, switch between the Blocklist or Allowlist restriction type, respectively.

IP control

IP protection parameter: As shown above, you can set IP address blocklist or allowlist separated by commas, you. an also add the IP-mask to block or allow access here.

HSTS

HTTP Strict-Transport-Security - is a mechanism to force a transition from HTTP to HTTPS protocol. You can specify a period of time for which the user’s browser will remember this setting (in days and hours), as shown below.

CORS

Cross-Origin Resource Sharing - When CORS is activated, the CDN uses an additional header with a wildcard value, providing cross-origin access to your resource.