What is an expiring link and how to use it

expring-linkI get a lot of questions about what an expiring link on Amazon Web Services (AWS) actually does and how to use it properly, therefore I thought it useful to explain it in this article.

What is an expiring link?

An expiring link, also called signed URL, is a link to a file or object that is limited in time. Once it expires, the link is no longer valid. This has to advantage that the link cannot be used on another site since it expires in any given time by the rightful  owner of the link.
Amazon Web Services has a mechanism to generate these links for downloadable files, videos and audios.
So far, this is easy to understand. But what is not clear for many people is what happens when the link is expired. Does it stay that way?

But first of all, how do you generate such a link?

You can generate an expiring link via a script you write yourself, but generally it is much easier to use a plugin or extension that does the job for you. After all, writing a script means that you need to have a good understanding how AWS works.
There are loads of plugins and extensions for WordPress and Joomla available to generate download links.

A typical expiring link or signed URL in techspeak looks like this:

http://mybucket.s3.amazonaws.com/Adoptie-33.pdf?AWSAccessKeyId=AXIXIGHQ7G5QEKONGEL4Q
&Expires=1423152784&Signature=BW3y9qJv3%2BZyMmlO2kiCRYRu%2Bd0%3D

The red part tells AWS it is OK to give access to the file.  Without that string, the file cannot be downloaded since it is a private file.
All files on AWS are per default private unless you change the permission settings (not a good idea).
Private actually means that only the owner of the content can serve a file via his/her site, if a signed URL is used with the correct information.
When you use a plugin for WordPress or an extension for Joomla, it will create such an expiring link as soon as the visitor lands on the page that contains the shortcode to generate the link. This happens on the fly.
For example, you could have a link to a PDF residing in a S3 bucket or a download distribution and a plugin that generates the expiring link to that PDF in your post or article.

What happens when someone lands on your page?

The visitor lands on your page.  The expiring link is automatically generated.  If you have set the expiring time to 10 minutes (=600 seconds), then the link will be valid for 10 minutes.  In other words: As long as the visitor remains on the page, there is a link that is only available for 10 minutes and those minutes start to count the moment the page is loaded.
But when the visitor comes back another day or reloads the page after the link has expired, a new expiring link is created. The old one no longer exists.
This is where the confusion often arises. Many people think that if they set the link to a month, the downloadable file is only available for a month, period.
As said, each time that page is loaded, a new link is generated, again for the same amount of time. Therefore you cannot use a strategy whereby you create a page and hope that a link automatically becomes permanently invalid after a given time.  Surely, the old link becomes permanently invalid, but upon refreshing the page, a new one pops up to the same PDF, video or audio.

Which strategies are possible?

You want visitors to be able to download your PDF.  But you do not want them to share the link via social media or e-mail. If you set the expiring time to 10 minutes, the link is probably already expired by the time the link is posted on Facebook or Twitter. Some people may try to post the link without the signature, like this: http://mybucket.s3.amazonaws.com/Adoptie-33.pdf but that does not work because the PDF is private. I.e.; it cannot be downloaded without a signed URL. So, the only option is to go to your site and download it from there. This ensures that interested folks have to come to your site to get the content.  It won’t stop them from spreading your PDF once they have downloaded it, but at least you do not pay for the bandwidth.

The same goes for videos and audios. With expiring links, it is not possible to publish the link to the media on other sites or social media if you set the expiring time short enough.
But visitors will be able to download files, view videos or listen to audios on your site for as often as they like, as long as they have access to the page. With streaming video, downloading it is not that easy and combined with an expiring URL, a technique called private streaming, you have two layers of protection against unauthorized use.

What if I want to send a link via e-mail?

Perfectly possible. You could send a link with a time limit of 3 days, for example. To generate such a link, you could use CloudBerry S3 Explorer (Windows) or Cyberduck (Mac).  These desktop applications can generate a link for you very easily.

How to sell content within a limited period

If you want to sell videos, audios or tutorials, you can protect them with expiring links. But in order to protect the pages on which those links reside, you need a membership system which is capable of restricting access to pages via subscriptions. Most membership systems for WordPress or Joomla have the option to setup subscriptions with one-time access or for a certain period of time.

Useful WordPress plugins for expiring links

  • S3Media LinkSafe Lite, a free plugin which features downloadable links via S3 buckets and download distribution.  The plugin comes with a tutorial how to set up your download distribution on AWS.
  • S3Media Stream Enterprise, a commercial plugin to serve private streaming videos and audios, plus downloadable files via S3 buckets or download distributions.

Useful Joomla extension for expiring links

  • S3Media Stream (regular), a commercial plugin to serve private streaming videos and audios, plus downloadable links via an S3 bucket.

I’m a bit biased here, and I hope you forgive me for the little promo, but the above plugins are created by us. There are of course other plugins available, but the ones mentioned above provide excellent support with a long list of happy users, particularly related to setting up the AWS account which is not that straightforward for non-technical people.

Leave a Comment