by 0xbadcafebee 2009 days ago
You need to block traffic at the origin from anyone except your CDN or proxy, and the CDN or proxy must not accept such headers; they must set them themselves.

Depending on your set-up you may need to use one or both of those headers. For example, you might use CloudFlare for some requests and CloudFront for others, as you may find one or the other to be cheaper or faster for specific content. So you may need to allow both headers at your origin's reverse proxies, but distinguish between which to accept and where to redirect the traffic based on the Virtual Host and request URI.
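
An added example, not part of the original comment: a sketch of the origin-side check described above, which rejects peers that are not the CDN expected for a given virtual host and URI and reads only the header that CDN sets. The header names (`CF-Connecting-IP` for CloudFlare, the last `X-Forwarded-For` entry for CloudFront), the hosts, the paths and the documentation IP ranges standing in for each CDN's published ranges are all assumptions made for illustration.

```python
import ipaddress

# Constructed sample data: documentation ranges stand in for each CDN's
# published egress ranges; header choice, hosts and paths are assumptions.
CDNS = {
    "cloudflare": {"nets": ["192.0.2.0/24"], "header": "cf-connecting-ip"},
    "cloudfront": {"nets": ["198.51.100.0/24"], "header": "x-forwarded-for"},
}
# (virtual host, URI prefix) -> the only CDN allowed to front that content
ROUTES = [
    ("www.example.com", "/static/", "cloudfront"),
    ("www.example.com", "/", "cloudflare"),
]

def expected_cdn(host, path):
    """First matching route wins, so longer prefixes are listed first."""
    for vhost, prefix, cdn in ROUTES:
        if host.lower() == vhost and path.startswith(prefix):
            return cdn
    return None

def client_ip(peer_ip, host, path, headers):
    """Return the client IP asserted by the expected CDN, or None to reject."""
    cdn = expected_cdn(host, path)
    if cdn is None:
        return None
    peer = ipaddress.ip_address(peer_ip)
    if not any(peer in ipaddress.ip_network(n) for n in CDNS[cdn]["nets"]):
        return None  # direct-to-origin or wrong CDN: drop, ignore its headers
    hdrs = {k.lower(): v for k, v in headers.items()}
    value = hdrs.get(CDNS[cdn]["header"], "")
    # Only the last comma-separated entry was written by the connecting proxy;
    # anything to its left arrived from the client side and is not trusted.
    candidate = value.split(",")[-1].strip()
    try:
        return str(ipaddress.ip_address(candidate))
    except ValueError:
        return None
```

In production the same decision is normally enforced twice: a firewall or security-group rule that only admits the CDN ranges, and the reverse proxy's per-vhost trusted-proxy configuration.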