You can set referer blocklist/allowlist and rules to block/allow playback requests so as to protect live streaming content. You can also choose whether to allow empty referer.
How to Configure
Referer URL is based on the HTTP protocol. CSS uses the referer field in an HTTP request to identify the source and verify the request, and then determine whether to accept or reject the request.
Notes
Referer information is included in the HTTP. After configuration, RTMP and non-web WebRTC will not verify the Referer configuration and will still play normally. If you need to configure Referer, it is recommended to use FLV or HLS for playback.
Enabling, disabling, or modifying the referer takes effect in 15-20 minutes after the configuration. You don't need to push streams again.
The referer hotlink protection feature verifies the referer information in the header of an HTTP request so as to check whether the request is valid and allow or reject live streaming accordingly. However, there may be cases where a forged referer bypasses the verification to hotlink the service. Therefore, we recommend you not strongly rely on referer for content protection.
Prerequisites
You have activated the CSS service and logged in to the CSS console.
1. Select Domain Management, and click the target playback domain or click Manage on the right to enter the domain management page.
2. In Access Control > Referer Configuration, click
to enable Referer Hotlink Protection.
3. And configure as follows:
Configuration Item
Description
Referer Type
Select Blocklist or Allowlist as the referer type.
You cannot select both of them,
When the referer allowlist is configured, request sources on the list will be allowed to access the live streaming content while those not on the list will be blocked.
When the referer blocklist is configured, request sources on the list will be blocked to access the live streaming content while those not on the list will be allowed.
Allow Empty Referer
When this feature is enabled, access will be allowed for HTTP requests with empty or no referer field. Users can access the live stream URL directly via browsers.
When this feature is disabled, requests with empty referer will be rejected.
Referer Patterns
The total number of characters for rules cannot exceed 4,000. (It is recommended that the number of rules be no greater than 200.) Separate rules by line breaks. Blank lines and semicolons (;)are not allowed.
For ordinary rules, strings in these rules can be matched, and the wildcard character * is supported for fuzzy matching. For example,https://*.domain.com.
For regular expression rules, they should be included in parentheses(). For example, you can use (^https?://www.domain.com($/) to match www.domain.com and use (https?://[^/?]*domain.com($|/) to match*.domain.com.
4. Click Save to save the configuration.
Modifying Referer
1. Select Domain Management, and click the target playback domain or click Manage on the right to enter the domain management page.
2. In Access Control > Referer Configuration, click Edit to enter the referer configuration page.
3. Modify the configuration items and click Save.
Disabling Referer
After enabling the referer, you can disable it by performing the following steps:
1. Select Domain Management, and click the target playback domain or click Manage on the right to enter the domain management page.
2. In Access Control > Referer Configuration, click
