Private S3 bucket and http referer policy for a Wordpress site not working

Question

hi there,   
I have an issue that I've been searching high and low for days to find an answer.   
I have a wordpress website which is closed to the public, requires paid membership.   
I have videos playing through a wordpress plugin called Ultimate video player that   
I've tried to send requests to play the videos stores in my S3 bucket.   
It works IF the bucket is set to fully public. These videos are private and should not be viewable by the public.   
  
It does not work IF I set the bucket to private (the Access reads Only authorized users of this account)  
and place a bucket policy in permissions as follows:  
  
{  
    "Version": "2012-10-17",  
    "Id": "http referer policy example",  
    "Statement": \[  
        {  
            "Sid": "Allow get requests originating from mywebsite.ca.",  
            "Effect": "Allow",  
            "Principal": "*",  
            "Action": \[  
                "s3:GetObject",  
                "s3:GetObjectVersion"  
            ],  
            "Resource": "arn:aws:s3:::my-bucket-name-here/*",  
            "Condition": {  
                "StringLike": {  
                    "aws:Referer": "https://mywebsite.ca/*"  
                }  
            }  
        }  
    ]  
}   
  
I have not done anything at the server where my website is hosted. The tech guys there said their   
referers should be OK for this request.   
I consulted with the developer of the video player and he said the issues lies with AWS S3 system.   
So here I am hoping to get some help about how to make this work.   
  
I am using a wordpress app (S3 smart upload) that has successfully connected to the S3 bucket and displays all the files and folders accurately.  
I am able to add each of the videos to the media library so that the video player can access them.   
BUT, when I add them to the media library, they give an error and do not play.   
"Media error: Format(s) not supported or source(s) not found" (the videos are mp4 and play just fine when the bucket is set fully to public)  
  
what am I missing?  
Are the tech guys hosting my website missing something?   
How do I check if the AWS:referer is setup correctly?  
I agree with the video plugin developer - the problem is not with his video player, as when the S3 bucket is set to public, the player has no trouble playing the videos.   
  
Thanks for any help.

Answer

I discovered the problem.   
First of all, I didn't want to allow public access but I needed to allow one of the permissions as follows in the Block public access (bucket settings).  
See attached image .     
That solved my issue. Now, the direct link is not available except through the website specified in the bucket policy.   
So if you try to load the URL of the video, say, in the browser, it doesn't work, but my wordpress site IS accessing and playing the videos.   
  
Way to go self.   
  
MD  
  
Edited by: Modan9 on Nov 30, 2020 12:31 PM forgot to insert the image link

Answer

Did you get this resolved?

Private S3 bucket and http referer policy for a Wordpress site not working

관련 콘텐츠