Is there a way to restrict where images can be served (hostname)?

Beachbody Administrator

June 27, 2014 18:15

Scenario: We don't want someone to grab the cloudinary URL and start serving our images from their own web sites.

Q: Is there a way to restrict transformations and images to only return valid results if the referrer is a certain domain?

 

0

• 

  Itay Taragano

  June 28, 2014 16:08

  If you want to restrict access to your transformed images, Cloudinary supports referral-based whitelisting and blacklisting. This feature is available for our Premium plan. In addition, a custom CNAME must be set-up for your account for that to work. Then you can let us know the domains you want to be whitelisted for your account and we'll do a short manual set-up on our side. This way, anyone which is not from approved domains can't access your images.

  In addition, you can enable the 'Strict transformations' option along with 'Allowed strict referral domains', this means that dynamic transformations can be generated within the specified domains only, while the Strict transformation mode is actually enabled only for domains which are not in the specified list.

  0
• 

  Beachbody Administrator

  July 22, 2014 19:05

  Is there any way to secure images in a folder and not an account to internal company staff until they are ready for launch? For example, if we are getting ready to launch a new product and our systems are configured to use the production "account" we want to upload the new images but only have them accessible by people coming from either our company IP addresses or some other restrictive mechanism. Thank you in advance.

  0
• 

  Itay Taragano

  July 24, 2014 10:33

  Thank you for your suggestion,

  It's our road-map to support this use-case. In the meantime, you can use a different account for these images and then upload them to your main account when they are ready for launch.

  0
• 

  Luis Elizondo

  February 23, 2018 11:56

  Hi Itay,

  I need to restrict access from certain hosts. Your answers here are a little bit old. Can you confirm me this remains the same? Do I have to upgrade to be able to restrict access to images?

  Thank you

  0
• 

  Ido

  February 25, 2018 12:07 Edited

  Hi Luis,
  
  If you want to restrict access based on ip then you could use token-based authentication, which requires our pro plan and above.

  Note that you could use other forms of access control which are available for free plans as well, like the strict transformations or signed urls

   

  If you have a specific use case you could open a request at support@cloudinary.com and we would be happy to take a deeper look into it.

  Hope that helps

  0

Post is closed for comments.