Skip to main content

Introduction

Secure URLs protect user-uploaded and AI-generated files through tokenized, time-limited URLs. This guide covers enabling and managing this security feature.

How It Works

When secure URLs are enabled:
  • All files uploaded by your users are protected through tokenized URLs
  • The app automatically generates secure URLs whenever files need to be accessed
  • Files can only be accessed through valid tokenized URLs
  • Direct file URLs without tokens will not work
Secure URLs are completely transparent to your users - they won’t notice any difference in how they access files. The app automatically handles all security aspects behind the scenes.

Managing Secure URLs

Prerequisites

Before enabling secure URLs, ensure:
  • You’re using a supported cloud storage provider (like Digital Ocean Spaces)
  • Your Aikeedo installation is version 2.10 or higher
  • Your Cloud Storage plugin is version 1.2 or higher
Local storage does not support secure URLs. You must configure a cloud storage provider in your admin panel first.

Enabling the Feature

  1. Log in to your Aikeedo admin panel
  2. Go to Settings > Storage settings
  3. Under the Configuration section, ensure your cloud storage adapter is selected
  4. Toggle the “Secure URLs” switch to enable the feature
After enabling, all new files uploaded by your users will automatically be protected. Files uploaded before enabling this feature will remain accessible through their original URLs.

Security Considerations

URL Access Control

  • The app automatically generates new secure URLs whenever files are accessed
  • Each secure URL contains a token that expires after 1 hour
  • Users won’t notice the URL expiration - new secure URLs are generated automatically when needed
  • Users cannot bypass the security by sharing direct file URLs
Your users will have continuous access to their files. The 1-hour expiration only applies to individual secure URLs, not to the files themselves. New secure URLs are automatically generated when needed.
If you’ve enabled CDN in your cloud storage settings (like Digital Ocean Spaces CDN), ensure its edge caching time is set to 1 hour or less. Otherwise, the CDN might continue serving expired secure URLs to your users.

Best Practices

  1. Enable secure URLs before launching your service
  2. Avoid disabling secure URLs once enabled
  3. Regularly check your storage settings
  4. Monitor your users’ file access patterns

Limitations

Important points to consider:
  • Local storage cannot use secure URLs
  • Some cloud storage providers may not support this feature
  • Old URLs will stop working if you disable secure URLs after enabling them
  • Once enabled, switching to a different cloud storage provider is not recommended as previously uploaded files will become inaccessible
If you’re using Cloudflare R2, secure URLs will only work with the default S3 API endpoint (<accountid>.r2.cloudflarestorage.com) and cannot be used with custom domains.
After enabling secure URLs, stick with your chosen cloud storage provider. Switching providers will break access to files uploaded with secure URLs enabled.
Verify secure URL support with your chosen cloud storage provider before enabling the feature.

Troubleshooting

If your users report issues accessing files:
  1. Check if your cloud storage provider is functioning correctly
  2. Verify your CDN settings if enabled
  3. Ensure the secure URLs feature is properly enabled
  4. Check if the reported files were uploaded after enabling secure URLs

Need Help?

If you need assistance with Aikeedo:

Professional Support

Get expert help from our team with a paid support subscription

Troubleshooting Guide

Check common issues and solutions