Type to search...


This function allows you to protect image hosting with firewall and provides an opportunity to defend against malevolent usage / attacks.


  • activating the firewall (creation / modification) takes the system a maximum of 30 seconds
    • during this time, there is a chance of contact chatter until it is updated on all the servers
  • depending on the rules set, frontend image manipulation can be disabled as well, and it does not effect the listing of the images at all

Filtering options

According to acceptance:

  • denying: denies the request if there is a hit
  • accepting: goes to the next item on the checklist, if there is a hit
    • There is also an option to deny if there isn’t at least one acceptance activated.

According to rules

Interpretation of the IP address: if there is a specific user, or, if it cannot be determined, the last known endpoint’s IP address

  • IP address: checking by IP address
    • specific IP address
    • IP address range (masked)
    • from … to …. IP address range
    • IPv6 and IPv4 addresses supported
  • Country: defined by IP address the country where the specific IP address is assigned
  • Continent: defined by IP address the continent where the specific IP address is assigned
  • CDN: the last endpoint IP address that is from the CDN service provider - this is extremely useful if you want to limit the requests to CDN service providers, which can reduce costs

Order of rule-interpretation

  • accepting CDN
  • denying CDN
  • accepting IP
  • denying IP
  • accepting country
  • denying country
  • accepting continent
  • denying continent
  • denying, if there were no accepting


  • processing CU with every image servicing
  • CU when creating a firewall
  • CU when modifying a firewall
Table of contents