Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Preventing Amazon Cloudfront hotlinking

Tags:

I use Amazon Cloudfront to host all my site's images and videos, to serve them faster to my users which are pretty scattered across the globe. I also apply pretty aggressive forward caching to the elements hosted on Cloudfront, setting Cache-Controlto public, max-age=7776000.

I've recently discovered to my annoyance that third party sites are hotlinking to my Cloudfront server to display images on their own pages, without authorization.

I've configured .htaccessto prevent hotlinking on my own server, but haven't found a way of doing this on Cloudfront, which doesn't seem to support the feature natively. And, annoyingly, Amazon's Bucket Policies, which could be used to prevent hotlinking, have effect only on S3, they have no effect on CloudFront distributions [link]. If you want to take advantage of the policies you have to serve your content from S3 directly.

Scouring my server logs for hotlinkers and manually changing the file names isn't really a realistic option, although I've been doing this to end the most blatant offenses.

Any suggestions would be welcome.

like image 717
Donald Jenkins Avatar asked Apr 13 '11 17:04

Donald Jenkins

People also ask

How do I turn off Amazon CloudFront?

In the right pane of the CloudFront console, select the check box for the distribution that you want to delete. Choose Disable to disable the distribution, and choose Yes, Disable to confirm. Then choose Close.

How does Amazon CloudFront ensure low latency?

Reduce latency by delivering data through 410+ globally dispersed Points of Presence (PoPs) with automated network mapping and intelligent routing. Improve security with traffic encryption and access controls, and use AWS Shield Standard to defend against DDoS attacks at no additional charge.

How can I improve my CloudFront performance?

You can improve performance by increasing the proportion of your viewer requests that are served directly from the CloudFront cache instead of going to your origin servers for content. This is known as improving the cache hit ratio.

1 Answers

You can forward the Referer header to your origin

  1. Go to CloudFront settings
  2. Edit Distributions settings for a distribution
  3. Go to the Behaviors tab and edit or create a behavior
  4. Set Forward Headers to Whitelist
  5. Add Referer as a whitelisted header
  6. Save the settings in the bottom right corner

Make sure to handle the Referer header on your origin as well.

like image 132
Blaise Avatar answered Oct 26 '22 23:10

Blaise
Sign in to Comment

Related questions

How to mock getApplicationContext
Import .frm and .opt files to MySQL
How to tell a std::priority_queue to refresh its ordering?
VisualVM hanging on startup "computing description"
Android close custom dialog
Flip card effect for non-webkit browsers
Amazon EBS, snapshots as incremental backups
Unable to trigger mouse event in Capybara test
generate_series() equivalent in MySQL
How to make javac find JAR files? (Eclipse can see them)
Using named parameters with PDO for LIKE
How to access Gnuplot's (auto)range values and modify them to add some margin?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!