Blocking Direct Downloads
Trying to host a s3 bucket and have it protected behind Zero trust. It works great until you get a direct link to the file in which it bypasses the Zero Trust entirely just downloading the file. I am using r2 for the object storage. Am I doing something wrong?
3 Replies
Feel free to ping me.
You should use presgined URLs
https://developers.cloudflare.com/r2/api/s3/presigned-urls/#generate-presigned-urls
Cloudflare Docs
Presigned URLs
Presigned URLs are an S3 concept for sharing direct access to your bucket without revealing your token secret. A presigned URL authorizes anyone with the URL to perform an action to the S3 compatibility endpoint for an R2 bucket. By default, the S3 endpoint requires an AUTHORIZATION header signed by your token. Every presigned URL has S3 paramet...
Awesome, will definitely look into it.
Thank you.