Monday, July 27, 2009

Introducing CloudShare.Me – simple file sharing service for Amazon S3



The internet is crowded with file sharing services, and we can’t argue with that. So why would you need another one? We found that many people who have their own Amazon S3 accounts would be happy to share the contents of their buckets with other people.

Why should you have to store files in two places, Amazon S3 and a separate file sharing service, just to make them accessible to everybody else? You don’t have to do that anymore. CloudShare.Me is a new free online service provided by CloudBerry Lab that helps you share your files right from your Amazon S3 buckets.

Just go to http://cloudshare.me and type in the name of the public bucket to view the files.


Click the file name to move to slide show mode


Or click the thumb button to look at all the images at once



Want to share the files with your friends? Click the Tweet It button to send an update to Twitter, or the Share button to send a link to many social networking and bookmarking websites such as Digg, Delicious, Facebook, etc.


Wondering how to make your bucket public? CloudBerry Explorer can help you here as always. Just select the bucket you want to make public and open the ACL Editor. Click the “Public (everyone)” button. This grants read access to all internet (anonymous) users.

Check the “Apply for all subfolders” checkbox to propagate the access rights to all files in the bucket. Click Apply. Now you can click the cloudshare.me link to check out your files online!


Now you are ready to go to http://cloudshare.me and give it a try. We really hope you will like our new service. Any questions or comments? Use the large FEEDBACK button on the left of the screen!

Monday, July 20, 2009

Two ways to configure content expiration with CloudBerry Explorer

CloudBerry Explorer freeware is a powerful Windows program that helps to manage all aspects of Amazon S3 storage. Many people use Amazon S3 to host their media content or entire websites to offload static content from their web servers, increase scalability or deal with the so-called TechCrunch effect, when the number of visitors suddenly jumps tenfold after a review is published on a popular website such as TechCrunch.
One of the techniques professional webmasters use successfully to improve scalability and lower web server load is content caching. Content caching is a directive to the client browser to store a file that rarely changes, such as an image, on the local computer. The next time the user requests the same page, the cached content is taken from the local computer rather than requested from the web server. This gives not only a better user experience but also less load on the web server.
An additional benefit of content caching on S3 is that every request to S3 is charged, so under some circumstances a smart caching strategy can lower your bills significantly.
Content expiration can be controlled using two HTTP headers: Expires and Cache-Control.

Expires Header


The Expires header takes an exact date and time:
Expires: Thu, 9 Sep 2009 14:19:41 GMT
To configure any header, select the file(s) on S3 and click Set HTTP Headers in the toolbar.

In the popup dialog click Add and locate the header, in this case Expires. To make it easier, we show the exact format for the header value as an example. Type the value appropriate for your content.

Cache Control Header


Cache-Control supports relative time. Below are some popular values for Cache-Control Header:

max-age=[seconds] — specifies the maximum amount of time that a representation will be considered fresh. Similar to Expires, this directive is relative to the time of the request, rather than absolute. [seconds] is the number of seconds from the time of the request you wish the representation to be fresh for.
s-maxage=[seconds] — similar to max-age, except that it only applies to shared (e.g., proxy) caches.

For example, take a relative expiration of 3 months (90 days). To calculate the correct value, do some math:
90 days * 24 hr * 60 min * 60 sec = 7776000 sec
This gives us the value for the max-age parameter, and here is how the header should look:
Cache-Control: public, max-age=7776000

After setting this header, your content will expire in 3 months.

Other common values for Cache-Control


- public — marks authenticated responses as cacheable; normally, if HTTP authentication is required, responses are automatically uncacheable (for shared caches).

- no-cache — forces caches to submit the request to the origin server for validation before releasing a cached copy, every time. This is useful to assure that authentication is respected (in combination with public), or to maintain rigid freshness, without sacrificing all of the benefits of caching.

- no-store — instructs caches not to keep a copy of the representation under any conditions.

- must-revalidate — tells caches that they must obey any freshness information you give them about a representation. HTTP allows caches to serve stale representations under special conditions; by specifying this header, you’re telling the cache that you want it to strictly follow your rules.

- proxy-revalidate — similar to must-revalidate, except that it only applies to proxy caches.

Note: Cache validation rules depend on some other response/request headers like:

Response headers
ETag (read-only in our case), Last-Modified (read-only in our case; it is the file timestamp), etc.
Request headers (mostly auto-generated by the browser and/or proxy server)
If-Match, If-Modified-Since, etc.
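
The directives above interact: for a shared cache s-maxage takes precedence over max-age, and max-age takes precedence over Expires. The following Python sketch is an added example, not CloudBerry's code; the function names and the simplified rules (no heuristic freshness, exact-case header names) are assumptions made for illustration. It shows how a browser cache and a shared proxy cache would each treat one set of response headers.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

def parse_cache_control(value):
    """Split a Cache-Control value into {directive: argument-or-None}."""
    directives = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:  # skips empty items, e.g. one left by a trailing comma
            directives[name.lower()] = arg.strip('"') or None
    return directives

def _seconds(text):
    # Only plain non-negative integers are valid delta-seconds.
    return int(text) if text and text.isdigit() else None

def cache_decision(headers, shared_cache, now):
    """Return (may_store, fresh_seconds, may_serve_stale) for one cache type.

    headers is a dict with exact-case names (assumption of this sketch).
    """
    cc = parse_cache_control(headers.get("Cache-Control", ""))
    if "no-store" in cc:
        return (False, 0, False)
    if "no-cache" in cc:
        return (True, 0, False)  # stored, but validated with the origin on every use
    # must-revalidate binds every cache, proxy-revalidate only shared ones.
    strict = "must-revalidate" in cc or (shared_cache and "proxy-revalidate" in cc)
    lifetime = _seconds(cc.get("s-maxage")) if shared_cache else None
    if lifetime is None:
        lifetime = _seconds(cc.get("max-age"))  # max-age wins over Expires
    if lifetime is None and "Expires" in headers:
        try:
            expires = parsedate_to_datetime(headers["Expires"])
            lifetime = max(0, int((expires - now).total_seconds()))
        except (TypeError, ValueError):
            lifetime = 0  # an unparseable date counts as already expired
    if lifetime is None:
        lifetime = 0  # simplification: real caches may apply a heuristic here
    return (True, lifetime, not strict)
```

Before marking an object public with a long max-age, check that nothing in it needs to be withdrawn quickly: a cache that holds a fresh copy will not ask S3 again until the lifetime runs out.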

Conclusion

Smart content caching allows you to improve scalability of your web site and lower your Amazon S3 bills. Luckily Amazon S3 supports content expiration and CloudBerry Explorer makes it very easy to configure.
Download CloudBerry Explorer freeware here.

Monday, July 13, 2009

Amazon S3 Security - How To Protect Your Files



by Wilson Mattos


Amazon's Simple Storage Service (S3) is a popular service for storing and delivering digital content on the Internet. S3 is extremely reliable, scalable and with the right tools in place, very easy to use. Amazon has eliminated all barriers to entry -- no lengthy service contract, virtually unlimited storage & bandwidth, and an affordable cost structure. Getting started with Amazon S3 could not be easier. All you need is an Amazon.com account.


Exposed Assets – The Problem with Using S3 The Wrong Way



When used properly, S3 is a very secure platform for content distribution. Unfortunately, most users are not aware of how to properly implement S3 security to protect their content. Instead, they leave their content exposed!


Most users get started with S3 by reading or watching a video tutorial that teaches a few basic steps to uploading content and setting the permissions (ACL) to be "Read by Everyone." This last step is what exposes their content and bandwidth to theft. You see, by default, any file you upload to S3 is only accessible by the owner of the file. However, in order to make files accessible over the web, users are told that they need to make the file "Readable by Everyone." Let me give you a real life example of why this is wrong and should not be done for content you want to protect.


Let's say that I run a paid membership site and use S3 to store and deliver videos to my paid members. Unfortunately, every tool available to embed videos on my site requires that I set the file permissions (ACL) to be "Readable by Everyone." This means that when I embed the video, anyone can view the "page source" for my site and grab the direct URL of the video. One of my members does this, and sends the link to a friend who can now download my video without ever paying my membership fees. This is the theft I referred to above. Although it is bad, it gets worse.
Another user decides that he wants to capitalize on my premium content, so this time, instead of just downloading my video, he is going to use the URL to my video, stored on S3, and embed the video on his own membership site. Now my content is not only being stolen, but I am also being charged for the bandwidth usage every time someone watches MY video while visiting HIS site. This is the REAL THREAT.


In the above example, I discussed a membership site and videos. However, any file for which you set the permissions (ACL) to "Readable by Everyone" is vulnerable to this type of attack.



The Solution



Although the solution is quite simple, it is not very well understood by most. It is called "Query String Authentication." Using the "Query String Authentication" feature, you can embed content on your site without ever making the file permissions (ACL) "Readable by Everyone."
Implementation of this feature does require the use of PHP, however, it is not at all difficult to implement, even if you have no programming knowledge. Unfortunately, all of the documentation provided by Amazon is written for experienced developers and does not provide step-by-step instructions that are easy to follow. Fortunately, there is now a resource to teach you exactly how to use this feature, step-by-step.
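
How Query String Authentication protects a private object, as an added example that is not part of the original article and is written in Python rather than the PHP the article mentions. It uses the Signature Version 2 scheme that S3 query-string URLs used when this was written (current S3 uses Signature Version 4, normally through an SDK's presign call); the keys, bucket name, `sign_url` and `check_url` are constructed for illustration, and `check_url` is only a local model of the check the service performs.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, quote, urlsplit

# Constructed credentials for the example; not real keys.
ACCESS_KEY = "AKIDEXAMPLE"
SECRET_KEY = "constructed-secret-for-demo"
HOST_SUFFIX = ".s3.amazonaws.com"

def _signature(secret_key, expires, resource):
    # String-to-sign for a query-string GET: verb, Content-MD5 and
    # Content-Type (both empty), the Expires timestamp, then the resource.
    string_to_sign = "GET\n\n\n%d\n%s" % (expires, resource)
    mac = hmac.new(secret_key.encode(), string_to_sign.encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def sign_url(bucket, key, ttl_seconds, now):
    """Build a time-limited URL for an object whose ACL stays private."""
    expires = int(now) + ttl_seconds
    path = "/" + quote(key, safe="/")
    sig = _signature(SECRET_KEY, expires, "/" + bucket + path)
    return "https://%s%s%s?AWSAccessKeyId=%s&Expires=%d&Signature=%s" % (
        bucket, HOST_SUFFIX, path, quote(ACCESS_KEY, safe=""),
        expires, quote(sig, safe=""))

def check_url(url, now):
    """Model of the server-side check: 'ok', 'expired' or 'bad signature'."""
    parts = urlsplit(url)
    bucket = parts.netloc[:-len(HOST_SUFFIX)]
    query = parse_qs(parts.query)
    try:
        expires = int(query["Expires"][0])
        presented = query["Signature"][0]
    except (KeyError, ValueError):
        return "bad signature"
    # Expires is covered by the signature, so editing it breaks the match.
    expected = _signature(SECRET_KEY, expires, "/" + bucket + parts.path)
    if not hmac.compare_digest(expected.encode(), presented.encode()):
        return "bad signature"
    return "ok" if now <= expires else "expired"
```

Anyone holding a signed URL can use it until the Expires time passes, so keep `ttl_seconds` short for paid content and generate the URL per page view on the server, where the secret key stays.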


A few months ago, I hosted a free webinar to teach attendees how to properly use Amazon S3 to keep their content secure. The webinar covered a wide array of topics, ranging from basic to advanced (ex: how to set up an S3 account; free tools for managing your account; implementing "Query String Authentication" with exact code samples; and much more). The webinar is 90 minutes long (including 60+ minutes of instruction followed by audience Q&A).


If you are interested in obtaining a copy of the webinar recording to learn how to implement these features, you can purchase it from here: Amazon S3 Tutorial

If you would like to discuss the contents of this article, you can follow the author on Twitter and start a conversation

Monday, July 6, 2009

How to lower your Amazon S3 bills with GZIP and CloudBerry Explorer PRO

Note: this post applies to CloudBerry Explorer PRO 1.5.2 and later.

Most popular web servers support serving content using gzip, and most popular web browsers recognize the GZIP header and decompress the files on the fly.

Even though Amazon S3 has most of the features of a full-fledged web server, it does not support GZIP transparently. In other words, you have to compress the files manually using GZIP and set the Content-Encoding header to gzip.

Why should I care about GZIP?

Well, first of all, GZIP helps you serve your web content faster. HTML pages, being simple text files, can compress down to 20% of the original size and thus can be served 5(!) times faster. As a result, the user experience is much better!

What’s more, with Amazon S3 this matters even more because you have to pay storage and transfer costs. Just imagine: your monthly bills can get down to 20% if you store your content compressed and serve it using gzip.

How can CloudBerry Explorer PRO help?

CloudBerry Explorer PRO compression uses the gzip algorithm, so all files copied to Amazon S3 can be served over HTTP 1.1. This means that if you need to put an HTML file on S3, you have to turn compression ON and copy the files. To turn compression on, go to Tools | Options | Advanced and check the appropriate checkbox.


The file will be placed on S3 with the appropriate HTTP header set automatically:

Content-Encoding=gzip

To verify the header select the file that you’ve copied to S3 and click Set HTTP Headers on the toolbar. You will see Content-Encoding header in the list set to gzip.


Also notice that the original file size was about 11K, and it is less than 3K as stored on Amazon S3.


Important note: chunking should be off if you want to serve your files through HTTP. It is off by default as of version 1.5.2, but older customers should check Tools | Options | Advanced.

CloudBerry Lab was inspired by the blog post Serve gzipped content from Amazon S3, and we would like to thank the author, David Arthur, for the idea and for mentioning CloudBerry Explorer in his blog.

Please also check out Serving GZipped javascript files from Amazon CloudFront by Ken Weiner for more info on the subject.

Conclusion

CloudBerry Explorer PRO makes it extremely easy to serve gzip content from Amazon S3. Basically you don’t have to do anything special, just turn compression on and everything else will happen automatically.

If you came to this post by chance, you should know that CloudBerry S3 Explorer PRO is a Windows product that you can download here. It is currently in beta and FREE, so hurry up to get your copy! ;-)