amazon web services - How to restrict CloudFront access to my website only? -

-

i have looked below answer talks origin access identity private content , signed urls. content not private, open public dont want other websites hotlink images. in other words, images on site should access via urls under domain.

simple example restrict access cloudfront(s3) files users not others

i've followed below document create oai on cloudfront distribution.
http://docs.aws.amazon.com/amazoncloudfront/latest/developerguide/private-content-restricting-access-to-s3.html

after apply oai on distribution, weird happened. access images, , not.
, when working localhost not access cloudfront images.

is there way can specify domains have access resources , ones not? this?

{             "sid": "allowpublicread",             "effect": "allow",             "principal": {                 "aws": "*"             },             "action": "s3:getobject",             "resource": "arn:aws:s3:::my-bucket/*",             "condition": {                 "stringlike": {                     "aws:referer": [                         "http://example.com/*",                         "localhost:*"                     ]                 }             }         }

the "block" action via policy have has happen @ cloudfront level. s3 won't factor in except when it's being queried new content (which might explain why had weird issues trying access images).

if issue trying block hotlinking, unfortunately, believe way handle via aws signed url's: http://docs.aws.amazon.com/amazoncloudfront/latest/developerguide/privatecontent.html

here's stack thread on subject: preventing amazon cloudfront hotlinking

just give alternative simpler, though requires occasional manual updating, here i've done in past. core of put cname on cloudfront distribution, assets-1.yoursite.com. after few months, if find being hotlinked to, can change cname assets-2.yoursite.com, , update site use new url. if have single variable controls cdn path site, quick fix.

it's explained in depth here: http://www.explainthatstuff.com/blocking-cloudfront-hotlinks.html

you use cloudfront 'popular objects' , 'top referrer' analytics sections in aws console monitor amount of traffic coming other sites see when time switch cname's.


Comments

Post a Comment

Popular posts from this blog

php - Zend Framework / Skeleton-Application / Composer install issue -

-
i trying create zend framework application using skeleton in netbeans. when run composer install, following error message: "c:\php\php.exe" "c:\composer\composer.phar" "--ansi" "--no-interaction" "update" "--dev" using deprecated option "dev". dev packages installed default now. loading composer repositories package information updating dependencies (including require-dev) requirements not resolved installable set of packages. problem 1 - package requires php >=5.5 php version (5.4.42) not satisfy requirement. problem 2 - installation request zendframework/zendframework 2.5.1 -> satisfiable zendframework/zendframework[2.5.1]. - zendframework/zendframework 2.5.1 requires php >=5.5 -> php version (5.4.42) not satisfy requirement. done. apparently, zend framework only needs php 5.3+ contradicts above. need use php 5.4. my composer.json following: { "name": "
Read more

c# - Better 64-bit byte array hash -

-
i need hash algorithm produces 64-bit hash code ( long ) fewer collisions string.gethashcode() , fast (no expensive calls cryptographic functions). here's implementation of fnv still shows 3% of collisions after testing 2 million random strings. need number way lower. void main() { const string chars = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz!#@$%^&*()_+}{\":?><,./;'[]0123456789\\"; const int n = 2000000; var random = new random(); var hashes = new hashset<long>(); int collisions = 0; for(int = 0; < n; i++) { var len = random.next(chars.length); var str = new char[len]; (int j = 0; j < len; j++) { str[j] = chars[random.next(chars.length)]; } var s = new string(str); if(!hashes.add(get64bithash( s ))) collisions++; } console.writeline("collision percentage after " + n + " random strings: " + ((doubl
Read more

python - PyCharm Type error Message -

-
i'm newbie trying out ml/dbn in python (3.4) under pycharm (comm.ed 4.5). following definition def make_thetas(xmin,xmax,n): xs = np.linespace(xmin,xmax,n) widths = (xs[1:] - xs[:-1])/2.0 thetas = xs[:-1] + widths return thetas throws error "class 'tuple' not define ' sub ', '-' operator cannot used on instance" on - operator on third line (widths = ....) ideas on how code running under pycharm - works alright in interactive python window. thx. to all, after g'g lot have found workaround seems work within pycharm. workaround because (even python newbie) expected python not need explicit typecasting, not when using datatypes imported lib such numpy. def make_thetas(xmin,xmax,n): xs = np.array(np.linspace(xmin,xmax,n)) widths = (xs[1:] - xs[:-1])/2.0 thetas = xs[:-1]+ widths return thetas using docstrings type-hinting such below did not work def make_thetas(xmin,xmax,n): "&q
Read more