This has nothing to do with EE, per se, but since I know a lot of EE users host their static files on s3, I thought someone around here might have an answer to my problem.
I have all my images hosted on s3. In order to prevent hotlinking (which was becoming an expensive problem for me) I added a bucket policy to all my buckets that only allows get requests from my site. Plus, I set the permissions on all my images so that only the owner (me) can read/write them. (I found out how to do this somewhere on these forums… though I can no longer find the thread.)
This stopped the hotlinking. But I recently discovered that it also prevents any of my images from being pinned to pinterest. In order for an image to be pinned, it seems that pinterest first uploads the image to its own server and then makes a copy. But the way I’ve configured my s3 buckets stops this from happening. People just get an error message when they try to pin the images.
Anyone know a way around this? I’d like people to be able to pin my images, but I’d also like to protect the images from hotlinkers.
My first thought was that I could allow get requests from pinterest, but I’m not sure what url exactly I should allow.