Private assets in S3
By Randy Carey on Wednesday, 27 June 2018
Posted in Technical Issues
Replies 1
Likes 0
Views 470
Votes 0
We are using Easy Social as an intranet - with security so that only those logging in should be able to access any part of the site, including files, images, and even avatars. We wanted to push these assets to S3, but it seems that for those images to show up in the browser they have to be public in S3.

For instance, when I look at the HTML sent to the browser, I see an S3 link to an image. If I extract that link, I can view the image in a new browser with just that link.

Is there a way to use images and links to files so that they reside on S3 yet are not "public" and can be accessed only through the our Easy Social website?
Do you mean you would like to prevent hotlinking image or do not allow public user to access those image link manually on the browser?

If you refer on prevent hotlinking image, you can take a look this following reference link :
https://stackoverflow.com/questions/948823/how-do-i-prevent-hotlinking-on-amazon-s3-without-using-signed-urls
http://altlab.com/htaccess_tutorial.html

By disabling hotlinking does not stop people from downloading your images, but rather it will stop them from embedding them in their own site by linking out directly to your website.

If you refer do not allow public user to access those image link manually on the browser, unfortunately it seems like currently that is no other way to prevent this.
Arlex Wong
·
Wednesday, 27 June 2018 13:29
·
0 Likes
·
0 Votes
·
0 Comments
·
View Full Post