Secure Media Uploads

Check out the import scripts for some tricks with record streaming & dropping already-processed items from memory.

4 Likes

Dumb question, which should I tick for my uploads bucket?

Dumb question #2: what can I do about the S3 site backup bucket, should I make that non-public too? I know the objects are already ACL’d so I guess it doesn’t matter.

1 Like

UPDATE: I am adding this information to the OP as well.

As of the below PR, the secure uploads functionality has changed slightly. Not just media files will be affected; now ALL uploads (images, video, audio, text, pdfs, zips, and others) will follow the secure upload rules. This includes attachments:

This is being done because there are communities out there that would like all attachments and media to be secure based on category rules but still allow anonymous users to download attachments in public places, which was not possible before.

This is not a dumb question; I am not even sure. I think it’s the top one. @schleifer can you please weigh in here?

9 Likes

Thanks, that’s what I thought too, but when I enabled secure media, the first upload I did in the public part of our site was not visible. I don’t know if that’s on purpose or not, but it doesn’t fit our use case, so I’ve switched it off. Cool feature, though!

2 Likes

The “Block all public access” option is the ideal choice, but it can’t be selected until all existing uploads – and all references to them in existing posts – are migrated.

6 Likes

To add to this, the correct rake task to run before changing anything about your S3 bucket is uploads:sync_s3_acls, which will make sure every object is either private or public-read.

7 Likes
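
The last two posts come down to one check before touching the bucket setting: is every object's ACL either private or public-read? As an added illustration (not from the thread and not Discourse's own code), this Ruby script classifies ACLs shaped like the S3 GetObjectAcl response; the hash field names, object keys and owner id are constructed for the example.

```ruby
# Added example: classify object ACLs as private, public-read, or something else.
# The AllUsers group URI is the one S3 uses for anonymous access.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"

# Returns :private, :public_read or :other for one ACL hash.
def classify_acl(acl)
  # Ignore the owner's own FULL_CONTROL grant; both canned ACLs carry it.
  extra = acl[:grants].reject do |g|
    g[:grantee_type] == "CanonicalUser" &&
      g[:grantee_id] == acl[:owner_id] &&
      g[:permission] == "FULL_CONTROL"
  end
  return :private if extra.empty?

  # public-read adds exactly one kind of grant: READ for the AllUsers group.
  only_public_read = extra.all? do |g|
    g[:grantee_type] == "Group" &&
      g[:grantee_uri] == ALL_USERS &&
      g[:permission] == "READ"
  end
  only_public_read ? :public_read : :other
end

# Groups object keys by ACL class so mixed or unexpected ACLs stand out.
def audit(objects)
  report = { private: [], public_read: [], other: [] }
  objects.each { |key, acl| report[classify_acl(acl)] << key }
  report
end

def owner_grant(id)
  { grantee_type: "CanonicalUser", grantee_id: id, permission: "FULL_CONTROL" }
end

# Constructed sample data (not real objects).
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
SAMPLE = {
  "uploads/a.png" => { owner_id: "OWNER", grants: [owner_grant("OWNER")] },
  "uploads/b.pdf" => { owner_id: "OWNER", grants: [owner_grant("OWNER"),
    { grantee_type: "Group", grantee_uri: ALL_USERS, permission: "READ" }] },
  "uploads/c.zip" => { owner_id: "OWNER", grants: [owner_grant("OWNER"),
    { grantee_type: "Group", grantee_uri: AUTH_USERS, permission: "READ" }] },
}

report = audit(SAMPLE)
puts "public-read (ACL ignored once public access is blocked): #{report[:public_read]}"
puts "neither private nor public-read, review first: #{report[:other]}"
```
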