Referer header.
Modes
- Allow by default — every referrer can fetch content; list domains to block.
- Deny by default — only domains in your allowlist can fetch content.
When to use this
- Stop other sites from hotlinking your images, videos, or downloads.
- Pin your video player to a known set of partner sites.