How do I prevent users for generating image transformations by playing with URL parameters?

While you can dynamically change any transformation you need for your website, we also allow you to "lock-in" your settings by moving to a strict mode on your production systems once you are settled on a design (and fear abuse). This means that only image transformations that were explicitly requested by the developer can be accessed by the website's visitors. This effectively prevents visitors from generating unwanted images on your account. This option is available in the a settings section of our management console.

Have more questions? Submit a request


  • Avatar
    Mitchell Malpartida
    For someone new to the system and very excited about using it I would think it would be better to have a "strict" first rather than a "dynamic" first type mentality.
  • Avatar
    Andrea Verlicchi

    And how do you know if the transformations are explicitly requested by the developer?

Powered by Zendesk