: Prevent image hotlinking from Amazon S3 and while allowing social networks I'm using Amazon S3 to host some assets (mostly images) on a small project. I'm trying to find a way to prevent leeching
I'm using Amazon S3 to host some assets (mostly images) on a small project. I'm trying to find a way to prevent leeching (which can be very serious should someone tried to use a network of bots to shoot my bill to the stars).
My current approach is using this policy:
{
"Version": "2008-10-17",
"Id": "",
"Statement": [
{
"Sid": "Allow in my domains",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::BUCKET/*",
"Condition": {
"StringLike": {
"aws:Referer": [
"http://www.myproject.com/*"
]
}
}
},
{
"Sid": "Deny access if referer is not my sites",
"Effect": "Deny",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::BUCKET/*",
"Condition": {
"StringNotLike": {
"aws:Referer": [
"http://www.myproject.com/*"
]
}
}
}
]
}
The issue is that by applying such policy, social network sharing services as Facebook's and Google Plus' becomes unable to reach my images to compose the 'post'. Both Facebook and Google reach for the shared content and transfer a generated thumbnail from the content image to their own servers (Facebook uses Akamai, tbw)...
Does any of you have an idea of which hosts those two social networks uses to retrieve files so I can grant them access?
More posts by @Speyer207
1 Comments
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.