Resource icon

[bd] Attachment Store [Paid] 1.3.7

No permission to buy ($19.00)

fist34

Member
Will uploads be limited by the server's PHP max upload size setting? On a shared server and need to be able to upload really large (10s of megs) attachments -- will this also resolve that? Thanks!
 

xfrocks

Well-known member
Will uploads be limited by the server's PHP max upload size setting? On a shared server and need to be able to upload really large (10s of megs) attachments -- will this also resolve that? Thanks!
Unfortunately, upload still goes through PHP before get stored at S3.
 

AlexT

Well-known member
Will downloads (a user clicks on an attachment) also go through PHP? I assume it does, or how else do you handle permissions associated with attachments?
 

xfrocks

Well-known member
Will downloads (a user clicks on an attachment) also go through PHP? I assume it does, or how else do you handle permissions associated with attachments?
No, downloads do not go through PHP. If user get the URL, no more permission check.
 

AlexT

Well-known member

xfrocks

Well-known member
Hmm, this is too bad unfortunately.

One way to add some kind of permission control is by attaching S3 storage to Amazon CloudFront and using object expiration. This way links to attachments can be made unique and short-lived (to avoid sharing). For more see here: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-task-list.html

Implementation has been considered to include object expiration but doing so correctly requires too much server resource when a new attachment is uploaded and especially the maintenance routine after that. For sites that need strict permission verification, using default attachment storage is the best choice for now.
 

AlexT

Well-known member
Implementation has been considered to include object expiration but doing so correctly requires too much server resource when a new attachment is uploaded and especially the maintenance routine after that.
No, I wasn't referring to S3 object expiration. I was referring to CloudFront as an inbetween - it was created for this exact purpose and works very well in conjunction with S3.
 

xfrocks

Well-known member
No, I wasn't referring to S3 object expiration. I was referring to CloudFront as an inbetween - it was created for this exact purpose and works very well in conjunction with S3.

Ah sorry, I was on mobile so I didn't follow your links. Using CloudFront is a great idea which may get supported in the future.
 

Andy.N

Well-known member
Very exciting to see this addon.

1) How would this work with http://xenforo.com/community/resources/tinhte-image-attachment-optimization-cdn-support.909/
2) I also like Cloudfront support as well since I believe cost for CF is cheaper than S3
3) For the protocol settings, can images be set to use HTTPS while files use HTTP. The reason is that for sites that use SSL, images needs to be HTTPS otherwise you will have broken lock in the browser's address bar. You don't need HTTPS for files. The cost for HTTPS is higher than HTTP so we only use secured protocol when needed.
 

xfrocks

Well-known member
Very exciting to see this addon.

1) How would this work with http://xenforo.com/community/resources/tinhte-image-attachment-optimization-cdn-support.909/
2) I also like Cloudfront support as well since I believe cost for CF is cheaper than S3
3) For the protocol settings, can images be set to use HTTPS while files use HTTPS. The reason is that for sites that use SSL, images needs to be HTTPS otherwise you will have broken lock in the browser's address bar. You don't need HTTPS for files. The cost for HTTPS is higher than HTTP so we only use secured protocol when needed.


1) The two add-ons would conflict because they both tries to change the attachment URL.
2) That's being worked on.
3) Possible.
 

xfrocks

Well-known member
Very exciting to see this addon.

1) How would this work with http://xenforo.com/community/resources/tinhte-image-attachment-optimization-cdn-support.909/
2) I also like Cloudfront support as well since I believe cost for CF is cheaper than S3
3) For the protocol settings, can images be set to use HTTPS while files use HTTP. The reason is that for sites that use SSL, images needs to be HTTPS otherwise you will have broken lock in the browser's address bar. You don't need HTTPS for files. The cost for HTTPS is higher than HTTP so we only use secured protocol when needed.

At which point it would be a must-buy for me! (y)


You guys know what? v0.9.7 now has support for CloudFront ;)
 
Top