Configuring Referer Header Checking

This option configures all instances for referer header checking to ensure that a request has originated from an expected page. You can enter one or more domain names.

• To enter more than one domain name, separate each one with a comma. For example:

  yourdomain.com,yourdomain-wer.com.

• You can use an asterisk as a wild card character to indicate one or more characters. For example:

  *domain, y*domain.com,yourdomain*12*.com.

Note: You can use domain names that specifically relate to your company.

You can enable this functionality in the Security section of the Installation Settings for all instances, or on the General tab of the instance. The domain names you enter at the instance override the domain names you entered in Installation Settings.

Set domain names for referer header checking for all instances

1. Go to the Security section on the Installation Settings tab.

   1. Start the Archer Control Panel.
   2. Click the Installation Settings tab, and then go to the Security section.
2. In the Allowed field, enter one or more domain names.
3. On the Toolbar, click Save.

Enable referer header checking for an instance

1. Go to the Security section for the instance.

   1. Start the Archer Control Panel.
   2. From the Instance Management list, double-click the instance that you want to enable the referer header checking.
   3. On the General tab, go to the Security section.
2. (Optional) In the Override field, enable Override default setting if you do not want the referer header checking configuration for the instance to be the same as the general setting for all other instances.
3. In the Referer Header Checking field, enable referer header checking for this instance.
4. In the Allowed field, enter the domain names of valid hosts from which a request can originate.
5. On the toolbar, click Save.