[thelist] Amazon S3 for serving video: restricting permissions

Mohan Arun L marun2 at gmail.com
Sat Aug 29 07:30:19 CDT 2009

>>Is there a clear and understandable method for serving video from S3, but
not leaving access wide open, readable by the whole world?

>From my research, there is this Expires: http header which can be used
in conjunction with the S3 key and S3 secret to authenticate a S3

>>thanks, but it doesn't address securing something served on a website.
you could use a third party s3 file protection product
what they say: "If someone tries to paste the download url in their browser...
They will get an error message telling them how to get access...
...Which takes them directly to Your Home Page!"

If Query String Authentication is too much time and effort

If you are using wordpress - thereis mediastreamguard.com ($67)

Have a look at the last comment: http://spitzkoff.com/craig/?p=4

A Php code sample for query string authentication is here
Basically you would set the Expires parameter (which I believe what
s3fox does) so any request
coming in after the Expires period would be denied. You would then
keep giving out new URLs with expires set in the near future, every
once in a while
if more subscribers join new to your video membership site.

Theoretically my first thought was that you could CNAME the DNS
request to transparently map to S3 bucket url,
and then use htaccess to limit access to that folder or subdomain, but
I immediately realized that the DNS request would come first, before
hitting htaccess authentication - correct me if wrong?

http://MohanArun.com ::: http://WebDesignExpert.Me ::: http://Skoths.com

More information about the thelist mailing list