search
Log In
Welcome to Blogiestools Ask, a blogging community where beginner and professional bloggers come to seek answers from other bloggers’ experiences.

You can ask questions related to starting a blog, monetizing a blog, marketing a blog, managing a blog, fixing a problem, the best web tech tools to use, etc.

Register or log in to ask or answer questions.

Ask a Question

1 vote
I want to restrict users from downloading my pdf, images, and doc files at Amazon S3 bucket unless they are doing it from my domain
in Fixing Blog Problems

1 Answer

0 votes
 
Best answer

To restrict Amazon s3 media files download and access to a specific domain then follow the steps below.

  • Step 1: Go to the Amazon S3 bucket 
  • Step 2: Click on the main folder of the bucket
  • Step 3: At the top, you will see properties, permissions, metrics, management, and access points. Click on permissions
  • Step 4: Copy and paste the JSON code below to the Bucket Policy form. Make sure you have changed the highlighted text below to your s3 account username, domain URL, and bucket name 

{

    "Version": "2012-10-17",
    "Id": "http referer policy example",
    "Statement": [
        {
            "Sid": "Allow get requests referred by www.blogiestools.com and blogiestools.com.",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::491093115787:user/blogfy"
            },
            "Action": "*",
            "Resource": "arn:aws:s3:::blogy/*",
            "Condition": {
                "StringLike": {
                    "aws:Referer": [
                        "https://www.blogiestools.com/*",
                        "https://blogiestools.com/*"
                    ]
                }
            }
        },
        {
            "Sid": "Explicit deny to ensure requests are allowed only from specific referer.",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::blogy/*",
            "Condition": {
                "StringNotLike": {
                    "aws:Referer": [
                        "https://www.blogiestools.com/*",
                        "https://blogiestools.com/*"
                    ]
                }
            }
        }
    ]
}

Step 5: Scroll to the bottom and the JSON file below to Cross-origin resource sharing. Change domain URL to your site URL.
[
    {
        "AllowedHeaders": [
            "Authorization"
        ],
        "AllowedMethods": [
            "GET",
            "POST",
            "PUT"
        ],
        "AllowedOrigins": [
            "https://blogiestools.com"
        ],
        "ExposeHeaders": [],
        "MaxAgeSeconds": 3000
    }
]
 
Only media files that are accessed from a link available in your domain can be downloaded.

 

15.1k points
edited by

Related questions

1 vote
1 answer
I want to change the WooCommerce completed order file download link text sent to emails for digital download products
asked Nov 8, 2021 in Fixing Blog Problems anonymous
0 votes
1 answer
I have several posts on my WordPress site but I want to add CSS to a specific post, how do I do
asked Nov 3, 2021 in WordPress Problems anonymous
0 votes
1 answer
process of finding and downloading wallpaper used in Bing
asked Dec 31, 2021 in General anonymous
0 votes
1 answer
I want to show only root doman for example, google.com as referral page for any external links clicked on my pages.
asked Nov 7, 2021 in General anonymous
0 votes
1 answer
I am looking for ways to disable lazy load in a specific image in visual composer
asked Nov 4, 2021 in WordPress Problems anonymous