API
The Gcore Customer Portal is being updated. Screenshots may not show the current version.
CDN
CDN
For static filesFor the entire site
AWS S3B2evolutionClouldFlareConcrete5CraftCs-cartDjango CMSDrupalGoogle Cloud StorageIPBIPSJoomlaKirbyMagentoPerchPrestaShopPyroCMSSocialEngineTypo3vBulletinWebasyst
Gcore pluginRocket pluginW3 Total Cache pluginWP SuperCache plugin
X-CartXenForo
Integrate CDN with FastEdge
Add CDN servers to ACLHTTP/2
Timeouts
BillingCDN resources overview
Specify an originPrivate originEnable SSL ValidationCreate a custom domain (CNAME)SSL certificatesEnable shielding (paid)Suspend a CDN resourceConnection and read timeouts
Configure CDN cachingSet a redirect from an originConfigure browser cachingIgnore Set Cookie or Query stringUse stale cache if origin is unavailableCache ShardingModify cache key
Manage access policiesRedirect from HTTP to HTTPS
OverviewConfigure and use
Specify HTTP methodsSet SNI hostname
Gcore WAAP (Beta)
GZip, BrotliFetch
Status codeLarge files deliveryRewriteWebSockets
Add request headersActivate CORSConfigure response headersManage the Host headerIdentify a user's request protocol
Network limits
Image stack overviewEnable Image stack
Convert to WebP or AVIFChange qualityCropResize
Troubleshooting
Streaming via CDN (for paid tariffs)Geobalancer (for paid tariffs)
Create a ruleCreate a template for rulesAvoid indexing
Origin group
SSL overviewOwn SSL certificateLet's Encrypt certificate
PurgePrefetch
Export CDN logsLog Viewer (free)
Reports
Grafana reports
Install and integrate with CDNCreate and manage CDN resourcesCopy CDN resourcesCreate a CDN ruleAdd an SSL certificateSet up version control and perform rollback
Error status codesTraceparentContent unavailabilityLow cache hit ratioLow content delivery speedAttaching or issuing an SSL certificate3xx codes4xx codes5xx codes
API
Chosen image
Home/CDN/CDN resource options/Access/Manage access policies

Control access to the content with country, referrer, IP, and User agents policies

Referrer access policy

Referrer access policy is a restriction to publish the links to content on your site on other sites. To enable the option navigate to CDN resources, click Settings of the resource, choose the Advanced Settings tab, in the Access (Security) click Add policy and find Referrer access policy. 

By default, there are no restrictions by referrer to your CDN resource. You can set up allow or block Policy.

Allow referrer policy

Allow referrer policy

Specify domains to which you would like to block access.

  • www.domain.com if you want to block access to the specific domain
  • *.domain.com  if you want to block access to all subdomains of domain.com

When users request data from specified domains, they will get the denial of access.

Block referrer policy

Block referrer policy

Specify the domains which you would like to allow access to.

  • www.domain.com if you want to allow access to the specific domain
  • *.domain.com if you want to allow access to all subdomains of domain.com

When a user requests data from other domains, they will get the denial of access.

You can specify domains only one by one via the Gcore Customer Portal. To add the list of the domains use API.

Country access policy

You can limit access to your content for listed countries. To enable the option navigate to CDN resources, click Settings, open the Advanced Settings, in the Access (Security) click Add policy and find Country access policy. 

By default, there are no restrictions by country to your CDN resource. You can set up allow or block policy.

Note: You can specify countries only one by one via the Gcore Customer Portal. To add the list of the countries, use API.

Allow country access policy

Access to the resource is allowed for all the countries except for the specified in the field.

Allow country access policy

Block country access policy

Access to the resource is denied for all the countries except for the specified in the field.

Block country access policy

IP access policy

You can limit access to your content to IP ranges.

In CDN resource settings choose Show Advanced Settings, in the Access (Security) click Add policy and find IP access policy. 

By default, there are no restrictions by IP to your CDN resource. You can set up Allow or Block policy.

The option supports IPv4 and IPv6 addresses.

You can specify IPs only one by one via the Gcore Customer Portal. To add the list of the IPs use API.

Allow IP policy

Access to the resource is allowed for all the IPs except for the specified in the field.

Allow IP policy

Block IP policy

Access to the resource is denied for all the IPs except for the specified in the field.

Block IP policy

User agent access policy

You can limit access to your CDN content for User agents, for example, for certain browsers, consoles or some other devices.

In CDN resource settings choose Show Advanced Settings, find Access (Security), click Add policy and find User agents policy. 

By default access to the resource is allowed for all the kinds of User Agents. You can set up the allow or block policy.

Set via the Customer Portal

To set the user agents using the Gcore Customer Portal:

1. Go to CDN and select the CDN resource you want to configure.

Set via the Gcore Customer Portal

2. In the sidebar, under the "Access" section, select User agents policy.

Access

3. Toggle "Enable user agents policy" and choose either the Allow by default or Block by default option:

  • Selecting Allow by default allows access for all user agents except those specified.
  • Choosing Block by default blocks access for all user agents except those specified.
Enable user agents policy

4. Set one or more user agents in the User-Agent select box. Accepted values are:

  • Empty value. This appears as an option in the select box. Select this value to allow or block incoming requests that do not have a User-Agent header.
Empty value
  • User agent string. Enter one or more unique user agents. The maximum length of each string is 255 characters. If you need to increase this limit, you can contact our support team.
User agent string

Note: User-Agent text box cannot be left blank.

5. Click Save changes. Allow at least 15 minutes for the changes to take effect.

Save changes.

Set via the API

To set the user agents using the API, the request must include the user_agent_acl object. The following is a sample code for the object:

"options": {  
    "user_agent_acl": {  
       "enabled": true,  
       "policy_type": "allow",  
       "excepted_values": [  
          "",  
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"  
      ]  
   }  
}

Request properties

The user_agent_acl object passes the following information:

Property Description
enabled This property indicates whether to enable the User Agents Policy. Possible values:
  • true enables the option
  • false disables the option
policy_type This property indicates the action to apply to the matching request. Possible values:
  • allow allows the request
  • deny blocks the request
excepted_values This property is an array of user agents to allow or block. The array must contain at least 1 item. Possible values:
  • two double quotation marks without a space in-between ("") represents the empty value
  • a string that represents the user agent, with a maximum length of 255 characters; if you need to increase this limit, you can contact our support team

Example

This example shows a CDN update request that activates the User Agents Policy and blocks the requests without a User agent header.

CDN update request

Was this article helpful?

Not a Gcore user yet?

Learn more about our next-gen CDN

Go to the product page
Edit on GitHub