OAI to limit access to links from a specified sub domain

I have a Wordpress site using the Academy theme to sell Courseware, with video and downloadable content in an Amazon S3 bucket with Cloudflare for edge server CDN. I am hoping to limit content access to just logged in users, as now the cloud flare URL can be used directly in the browser to access content. I am thinking I might be able to configure the web site to put the customer side of the web site in a sub domain. If I could then limit Cloudflare to serving requests only if they come from links in that domain, I think I would be in good shape. Is that possible? Or is there a better way to go? Or is it really not possible to limit access this way? I have many, many customers so I don’t want to try and manage actual user names and passwords, just limit Cloudflare to specific link origins.

Without using logins, you would have to depend on the Referrer. That can be forged by a scraper, but that’s all I can think of. A Firewall Rule can block access to anybody not showing a Referrer header from your domain.

@sdayman I’ll need to look at that. I am not looking for 100% security, just the ability to keep people from sending links to others. Even just limiting it to my referrals from my site, even the non customer part, would probably be enough. If I can find a way to move the customer part of the site to a sub domain would be even better.
Thanks!

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.