hilord In a website configuration about hotlink protection, I read that by default it's configured to allow empty referer, but when I create a new website the "Allow empty HTTP_REFERER" is unchecked... So, I don't know what I should think: does it mean that there's a mistake in the help (ie. by default the empty referer are blocked since the checkbox is not enabled) or is it the description of the checkbox which is wrong (ie. it doesn't allow but protect/prevent/avoid allowing any empty referer). It confuses me; or it's me LOL
aaPanel_Kern Hello, What is the version of aapanel you are using? You can also check whether these are in the configuration file. #SECURITY-START Hotlink protection configuration hilord
hilord Hello, I'm using the last stable release: 7.0.18. But my question was rather, why write "by default, empty referers are not restricted", while by default the "allow empty referer" checkbox is unchecked (meaning, it's restricted)?
aaPanel_Kern 【Allow empty HTTP_REFERER request】 Whether to allow direct access by the browser, if your website access is abnormal, you can try to enable this function hilord
