/ Register

Learn about Centmin Mod LEMP Stack today
Register Now

CDN KeyCDN - Prevent someone accessing pulled HTML

Discussion in 'Domains, DNS, Email & SSL Certificates' started by trxerz, Feb 17, 2016.

Tags:
Previous Thread Next Thread
Loading...
  1. Feb 17, 2016 #1
    trxerz

    trxerz Member

    69
    5
    8
    Jun 25, 2015
    Ratings:
    +7
    Local Time:
    3:59 AM
    Hello,
    Anyone have an idea on how to prevent someone accessing html page generated by CDN with Pull Zone?

    I mean restricted access to "http://cdn1.myownsite.com/" html page, but not the assets (js, css, web font, etc).
    I see KeyCDN can do it on "https://cdn.keycdn.com/", when you access it, it give a "405 Not Allowed" error message.

    Restrict the generated HTML could be helpful to prevent content scraper or website cloner.

    I've talk with KeyCDN support, and they forward me to this article:
    How to Restrict CDN Traffic to Your Origin Server

    However, I've difficulty when following the first step to define X-Pull key. I've no idea about tcpdump command, and KeyCDN support isn't really helpful.

    Thanks
     
  2. Feb 17, 2016 #2
    eva2000

    eva2000 Administrator Staff Member

    54,934
    12,240
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,812
    Local Time:
    1:59 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  3. Feb 17, 2016 #3
    trxerz

    trxerz Member

    69
    5
    8
    Jun 25, 2015
    Ratings:
    +7
    Local Time:
    3:59 AM
  4. Feb 17, 2016 #4
    eva2000

    eva2000 Administrator Staff Member

    54,934
    12,240
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,812
    Local Time:
    1:59 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    pretty straight forward instructions just follow those as that's something you need to figure out yourself

    i don't do it on https://cdnk1.centminmod.com/ as I don't care if folks visit that url itself

    edit: you'll just need to place
    Code:
      if ($http_x_pull ~* "Your_secret_key") {
          return 405;
  }
    in 2 existing Centmin Mod created location contexts
    1. in /usr/local/nginx/conf/php.conf for php requests location context - add it under the line
      Code:
      location ~ \.php$ {
    2. in /usr/local/nginx/conf/staticfiles.conf for html, htm, txt location context - add it under the line
      Code:
      location ~* \.(html|htm|txt)$ {
    edit: just implemented the X-Pull KeyCDN header on https://cdnk1.centminmod.com/ and works fine :)
     
    Last edited: Feb 17, 2016
  5. Feb 24, 2016 #5
    trxerz

    trxerz Member

    69
    5
    8
    Jun 25, 2015
    Ratings:
    +7
    Local Time:
    3:59 AM
    Hi, thanks for the update George.
    It's working now.
     
Previous Thread Next Thread
Loading...

.