Cloudflare and S3 Bucket Policy issue

What is the name of the domain?

40k.gallery

What is the issue you’re encountering

Cloudflare breaking S3 bucket policy

What steps have you taken to resolve the issue?

I have a website that uses a S3 bucket just to store images that runs on a subdomain, that is working correctly and has been for awhile. The bucket is set to open to the public but I’m trying to add hotlink protection through the bucket policy. I’m trying to do the hotlink protection on there since the Scrape Shield doesn’t appear to be working as well as it doesn’t work with WEBP images. The problem is that it works right after I clear the Cloudflare cache and the images are blocked but as soon as Cloudflare caches them then they are able to be hotlinked again.

You might want to try configure the hotlink protection via Custom WAF rule.

I have used that but the images are stored on AWS S3 and they are under a subdomain of the main URL. However they are still being linked on the other sites. When I clear CF’s cache then they will break on the hotlinked site but as soon as CF caches them again they are displayed again. Even adding in custom WAF rules to block all referrer traffic doesn’t prevent this, the cache still serves up the image.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.