Edge Server Identification
With this behavior enabled, your origin server can use a cookie to verify if requests from Akamai servers to your origin are genuine.
How it works
You set up a cookie name-value pair, such as akamai=true that the edge server will send to the origin to verify that it's an Akamai edge server.
Features and options
| Field | What it does |
|---|---|
| Enable | Enables or disables the cookie-authorization behavior. |
| Cookie Name | Specifies the name of the cookie to use for authorization. |
| Cookie Value | Specifies the value of the authorization cookie. |
| Cookie Domain | Specify the cookie’s domain, which must match the top-level domain of the Host header the origin server receives. |
Tips and best practices
Edge Server Identification should be used inside a rule that has the requested hostname specified as matching criteria, since the cookie domain must be the top level domain of the host header forwarded to the origin, and this forward hostname is associated with the requested hostname.
For example, if the forwarded host is www.images.example.com, the cookie domain should be example.com.
When not explicitly defined within a rule with a hostname match, there is a limitation if one origin accepts multiple hostnames (that may occur with, for example, virtual servers) that do not have a common top level domain, for example www.domainA.com and www.domainB.com.
If this occurs, the identifying cookie isn't sent to any origin that doesn't forward host top level domain.
If there are multiple origins used in this property configuration and those origins serve hostnames with different top level domains (domainA, domainB, domainC, etc.), the cookie using cookie domain domainA may not be forwarded to the others.
Updated about 3 years ago