You run an ad-supported photo sharing website using S3 to serve photos to visitors of your site. At some point
you find out that other sites have been linking to the photos on your site, causing loss to your business. What
is an effective method to mitigate this?
A.
Remove public read access and use signed URLs with expiry dates.
B.
Use CloudFront distributions for static content.
C.
Block the IPs of the offending websites in Security Groups.
D.
Store photos on an EBS volume of the web server.
A
I agree with the answer. A
Ans : A
A
A signed URL includes additional information, for example, an expiration date and time, that gives you more control over access to your content.
nobody realizes that the site is public and with that action we deny access to all anonymous users?
agree. IMHO answer is C.
http://docs.aws.amazon.com/AmazonS3/latest/dev/ShareObjectPreSignedURL.html
Instead of placing a static link to content on the page, the site will need to dynamically use S3 API to request the pre-signed URLfor the object. This would require some work, but anyone who tries to link to your S3 object by doing a copy/paste of the URL out of a page you served them will get a link that stops working.