Amazon S3: Are you the only one accessing your files?

Almost a year ago, I blogged about moving image and file storage for this blog to Amazon S3. It’s been over a year, and I have been very satisfied. I haven’t had to pay too much money for this move, and there has been no downtime whatsoever.

One of the drawbacks of moving to S3 is that you pay for accessing your files and images. That is fine as long as you are the only one accessing these (or the access is controlled by you). For example, I am okay with paying money every time images I host on S3 are accessed by people who are visiting this blog (and in the process they access the images). But since providing such access makes the images public, anyone can link to these files from their websites or blogs. This is called hot-linking images, and is one of the worst things you can do on the Internet.

So, how can you prevent this? You can’t prevent it directly, but you can monitor whether it is happening, and there are a number of things you can do if you discover hot-linking of your files. Amazon S3 allows you to enable logging on your buckets, and below I describe, step by step, how to do this.

Step 1: Download CloudBerry Explorer

Actually just about any of the popular S3 tools would do, but I use CloudBerry, and I highly recommend it (here’s the story behind it).

Step 2: Understanding Logging and Buckets

If you have made it this far, I am assuming you know what S3 is and the fact that all data is stored on S3 in buckets. In S3, logs are generated at the bucket level. So if you enable logging on a bucket, all activities on any files in that bucket will be logged.

For you to enable logging, you need to have a target bucket which will store the log files. This can be any existing bucket, or you can create a new bucket just for storing the logs. This is what I choose to do.

Step 3: Launch CloudBerry Explorer

Once you start CloudBerry Explorer (and configure it with your Amazon S3 credentials), you will see all your buckets in the right pane. This is the default view; if you have already navigated into a bucket, you will need to navigate back to the root level.

Step 4: Create a Logging Bucket

This is of course optional since you can use any of your existing buckets, but I like to keep things clean. Simply click on the New Bucket icon on the tool bar in the view where your Amazon S3 buckets are showing.

You can choose any name for your logging bucket. Mine is called logs.gadodia.net (as it goes well with my naming convention).

Step 5: Enable logging for your buckets

Once you know where you are going to keep your logs, it’s a simple matter of invoking the Logging command from the context menu. Select the bucket on which you want to enable logging, right-click it, and choose Logging.

When you choose the Logging menu item on the context menu, you will be taken to a properties dialog box, where you will need to enter two values (as shown below):

Here, the prefix can be anything. By default it is the name of the bucket. This allows you to identify the log file for this bucket. Second, you need to choose which bucket the logs will be created in.

Once this is done just press OK and you are done. Of course, in the backend CloudBerry Explorer carries out a number of tasks to set this up for you; and if you are interested in learning about it, then I recommend reading Amazon’s article on Setting Up Server Access Logging.

I will try and put up an article on how to interpret the logs that are generated in the future.
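Once logging is enabled, each request to the bucket becomes one space-delimited record that includes the Referer header. As an added example (not code from the original post), this Python sketch tallies object downloads referred by other sites; the field positions follow Amazon's server access log format, while the host names, the `example.net` own-domain list and the sample records are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Tokenizer for one access-log record: [timestamp], "quoted string" or bare word.
FIELD = re.compile(r'\[[^\]]*\]|"(?:[^"\\]|\\.)*"|\S+')
# Zero-based field positions in the S3 server access log format.
OPERATION, STATUS, BYTES_SENT, REFERER = 6, 9, 11, 15

def referrer_host(field):
    """Host part of the logged Referer, or "" when absent or malformed."""
    try:
        return (urlsplit(field.strip('"')).hostname or "").lower()
    except ValueError:                    # e.g. unbalanced IPv6 brackets
        return ""

def is_own(host, own_domains):
    """True for an own domain or a real subdomain of one (not a bare suffix match)."""
    return any(host == d or host.endswith("." + d) for d in own_domains)

def hotlink_report(lines, own_domains):
    """Return [(referrer_host, requests, bytes_sent)] for foreign referrers, largest first."""
    totals = defaultdict(lambda: [0, 0])
    for line in lines:
        f = FIELD.findall(line)
        if len(f) <= REFERER or f[OPERATION] != "REST.GET.OBJECT":
            continue                      # short/garbled record, or not an object download
        if f[STATUS] not in ("200", "206"):
            continue                      # denied or failed requests served no object data
        host = referrer_host(f[REFERER])
        if not host or is_own(host, own_domains):
            continue                      # "-" means no Referer header was sent
        totals[host][0] += 1
        totals[host][1] += int(f[BYTES_SENT]) if f[BYTES_SENT].isdigit() else 0
    return sorted(((h, n, b) for h, (n, b) in totals.items()), key=lambda r: -r[2])

# Constructed sample records (placeholder owner ID, request IDs and hosts).
SAMPLE_LOG = """\
OWNERID images.example.net [10/Mar/2010:09:12:01 +0000] 192.0.2.10 - REQ0001 REST.GET.OBJECT photos/cat.jpg "GET /photos/cat.jpg HTTP/1.1" 200 - 48213 48213 31 29 "http://blog.example.net/2010/03/cats/" "Mozilla/5.0"
OWNERID images.example.net [10/Mar/2010:09:13:44 +0000] 198.51.100.7 - REQ0002 REST.GET.OBJECT photos/cat.jpg "GET /photos/cat.jpg HTTP/1.1" 200 - 48213 48213 28 27 "http://forum.example.org/thread/991" "Mozilla/5.0"
OWNERID images.example.net [10/Mar/2010:09:13:59 +0000] 198.51.100.8 - REQ0003 REST.GET.OBJECT photos/cat.jpg "GET /photos/cat.jpg HTTP/1.1" 200 - 48213 48213 30 28 "http://forum.example.org/thread/991?page=2" "Mozilla/5.0"
OWNERID images.example.net [10/Mar/2010:09:15:02 +0000] 203.0.113.5 - REQ0004 REST.GET.OBJECT files/tool.zip "GET /files/tool.zip HTTP/1.1" 200 - 1048576 1048576 210 40 "-" "curl/7.19"
OWNERID images.example.net [10/Mar/2010:09:16:20 +0000] 203.0.113.9 - REQ0005 REST.GET.OBJECT photos/dog.jpg "GET /photos/dog.jpg HTTP/1.1" 403 AccessDenied 231 - 4 - "http://notexample.net/gallery" "Mozilla/5.0"
OWNERID images.example.net [10/Mar/2010:09:17:00 +0000] 203.0.113.9 - REQ0006 REST.GET.OBJECT photos/dog.jpg "GET /photos/dog.jpg HTTP/1.1" 200 - 1000 1000 4 3 "http://notexample.net/gallery" "Mozilla/5.0"
"""

if __name__ == "__main__":
    for host, requests, sent in hotlink_report(SAMPLE_LOG.splitlines(), {"example.net"}):
        print(f"{host}: {requests} requests, {sent} bytes")
```

The Referer header is supplied by the client and can be missing or forged, so the report is a monitoring signal for who is embedding your files, not proof of origin.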


5 Responses to “Amazon S3: Are you the only one accessing your files?”

  1. I am curious to know how they detect that this particular request is from external web site (via image hot linking)?

    • They don’t detect whether it’s from an external website. They just log the referrer path, and it is you who will have to go through the log and figure out if anyone is hot linking to your images or files (I guess, I will have to write a post on that now :) )

  2. I think we can use Amazon bucket policies to prevent access from unpreferred referrers.
