The Ultimate AMAZON S3 Tutorial - For Anyone Who Wants to Protect Their Content

[Wilson Mattos]

If You Use Amazon S3 (Or You Want to Use It) You MUST Read This...

"Every S3 Tutorial Out There Teaches
Something VERY Wrong About
Amazon S3. Follow What They
Teach and Your Files Are Ready
to Be Stolen!!!"

My name is Wilson Mattos and I have been working in Information Technology and Security for over 17 years.

Several months ago, I started using Amazon S3 to store and deliver videos and other downloadable content for a membership site I own. Given my experience, I immediately noticed a serious security flaw! The flaw is NOT with Amazon S3 itself, but rather with how EVERY SINGLE TUTORIAL I have ever seen teaches people how to use S3! The basics are something like this:

1. Create a Bucket
2. Upload Your Content
3. Change the File Permissions (ACL) to "Read by Everyone"
4. Use the S3 URL to Embed or Access Your Content

Sound like the process you use? If so...

...your files are completely exposed to theft, but you can EASILY protect them and I will show you how!



How Bad Is This Problem?

A simple Google Search can reveal ALL your files!!!!!!



The Solution is VERY Easy to Implement!

On April 28th, 2009, I hosted a free webinar and taught how to properly configure Amazon S3 to ensure content is protected. Now you can learn everything I taught by watching the webinar recording!

Whether you already use S3 or are just wanting to learn more about it, you will definitely get a LOT out of this webinar (see my guarantee below). Here are just a few of the topics covered:

• How to sign up for an Amazon S3 account
• Using free tools to manage your S3 content
• Advanced options for naming buckets
  
• How to secure your content
• Logging access to your bucket
• Using The CloudFront Content Delivery Network (CDN)
  
• Plus Much More...
  

The webinar was 90 minutes long, with over one hour of presentations and live demonstrations followed by a Q&A session, where attendees probably asked the same questions you may ask...and they got answers!

Here is What Attendees Had to Say:

"Excellent webinar. It all makes sense now. Well explained."

"I always wondered what the 'Cloud' was. Now I know. I think it's a fabulous idea and should help websites load much faster!"

"Just awesome!"

"I was a bit shocked to realize some of the security leaks...I also appreciated that you took the Mac continguent into consideration ;-)"

"I thought your presentation was excellent, especially since the amount of free information was so valuable."

"You delivered great information and clarified the use and setup of S3 very well. Thanks"

"Wil, you did a fine job with the webinar. It was very organized and informative."

"Very good, Wil. One of the best webinars I've attended."

"Encore please!"

"I especially liked the information on securing S3 content."

"Thank you for taking the time to provide this information. It was definitely one of the better webinars I have attended."

What You Will Get With Your Purchase

• 90-Minute Webinar Recording
• PDF Version of the Presentation Slides
• 4 Pages of Additional Notes from the Webinar

Unconditional Guarantee

I guarantee you will learn a lot from this webinar! If you watch the entire webinar within the next 30 days and you don't agree that what you learned was well worth the purchase price, I will give you a full refund! NO QUESTIONS ASKED!

WARRIOR SPECIAL OFFER

First 50 Buyers: Only $10 (SOLD OUT)

Buyers 51 - 100: Only $12 (SOLD OUT)

Buyers 101+: $17

GET THE WEBINAR RECORDING NOW

[John Delavera]

Very well researched Wilson!
Certainly a must have knowledge for anyone that uses S3!

[disciple]

Hi,

I was on the original free webinar and was amazed at the amount of information that was provided. This is well worth the price of the WSO.

If you have any interest now or in the future you need this information.

Rick

[philipkwells]

Just got this. Thank you very much for catching this security loophole.

Phil

[Josh Anderson]

Anyone who knows me knows that I rarely endorse anything...

I attended one of Wil's training webinars...

If you want to know all you need to know about s3 including the hard to figure out stuff like file security etc. this is the webinar I recommend and I have worked to develop media and security solutions for S3 publishers.

Get this and get the recording. Its a valuable training and reference for anyone at any level.

[scorpio9]

Great WSO, have been considering incorporating S3 into my hosting set up and look at several other ebooks in the past, but so glad I bought this WSO because now I know how to use S3 securely, this aspect of S3 is not taught anywhere else. Very comprehensive material that's easy to follow, a must for every webmaster

scorpio9

[Alminc]

I started using amazon s3 servers recently and I'm still learning.
Just purchased this wso because security is a must.

Almin

[Wilson Mattos]

Quote:

Originally Posted by Alminc

I started using amazon s3 servers recently and I'm still learning.
Just purchased this wso because security is a must.

Almin, thanks for your purchase. I hope you can learn a lot from it. Do let me know if you have any questions or comments after you watch it.

Wil

[Alminc]

Wil,

I tried to download the WMV file several times without success.
Only a part of the file is downloaded and then it stops.

Can you upload it as a zip file or deliver it in a different way?

Almin

[Wilson Mattos]

Almin,

Just sent you a PM.

Wil

[goalpower]

Wilson...

Just grabbed a copy of your WSO - I haven't had time to review it (still downloading) BUT...

just wanted to say - I am Sooooooo glad you've put this together! I've looked high and dry on the amazon S3 site for info on how to even set up my bucket and files and can't find squat. Now I'll learn how and how to protect my hypnosis videos and mp3s!!!

Yes!!!

Thanks!

Steve Meade

[Wilson Mattos]

Quote:

Originally Posted by goalpower

Wilson...

Just grabbed a copy of your WSO - I haven't had time to review it (still downloading) BUT...

just wanted to say - I am Sooooooo glad you've put this together! I've looked high and dry on the amazon S3 site for info on how to even set up my bucket and files and can't find squat. Now I'll learn how and how to protect my hypnosis videos and mp3s!!!

Yes!!!

Thanks!

Steve Meade

Thanks Steve! Yes, in the webinar, you will learn in detail how to setup your buckets and how to secure your content (something no other tutorial I have ever found shows).

Enjoy and let me know if you have any questions.

Wil

[billt91]

Wil,

Thanks, great Amazon S3 information. I've had a s3 account and now I know how to make it secure.

Bill

[Wilson Mattos]

Quote:

Originally Posted by billt91

Thanks, great Amazon S3 information. I've had a s3 account and now I know how to make it secure.

Bill, I'm glad you found the information useful. If you have questions, please feel free to ask here.

Wil

[billt91]

Hi Wil,

I'm attempting to download a file using getAuthenticatedURL and I'm receiving an error.
I have tried this using a php and html extension.

I setup everything as indicated in the video.

What is missing?

Bill


This XML file does not appear to have any style information associated with it. The document tree is shown below.

−
<Error>
<Code>InvalidURI</Code>
<Message>Couldn't parse the specified URI.</Message>
<RequestId>98F6473BEA8EFA15</RequestId>
−
<HostId>
xqr/jlpT3yr2yZgtVyWoXxf1CAD4QWg6J9j7TQUIEJ1rpnvxfSuSUq 1aibf5ASyp
</HostId>
<URI>/%931zip%94</URI>
</Error>

[billt91]

I was able to fix it.

Bill

[Wilson Mattos]

Quote:

Originally Posted by billt91

I was able to fix it.

Bill

Bill, glad you were able to fix it. It was probably a typo or syntax error, right? That is what usually gets me. :-)

Wil

[billt91]

Wil,

I had copied the code from your pdf file and the quotes are different format. Quotes from your pdf “BUCKET” retyped quotes "BUCKET"

Works with both php and html files

Your plugin looks fantastic and I will be picking that soon.

Bill

[Wilson Mattos]

Quote:

Originally Posted by billt91

Wil,

I had copied the code from your pdf file and the quotes are different format. Quotes from your pdf “BUCKET” retyped quotes "BUCKET"

Ah...good catch. I pasted the code in Word and forgot to change those in the PDF. Word screws up the quote style for source code! I have updated the PDF, so that should no longer trick anyone else. Thanks Bill! :-)

Quote:

Originally Posted by billt91

Your plugin looks fantastic and I will be picking that soon.

Cool. Let me know if you have any questions about it.

Wil

[billt91]

Wil,

I have a question.

Will you be running a WSO for Amazon S3 Security - Protect Videos & Other Files - S3FlowShield Plugin

Bill

[Wilson Mattos]

Quote:

Originally Posted by billt91

Wil,

I have a question.

Will you be running a WSO for Amazon S3 Security - Protect Videos & Other Files - S3FlowShield Plugin

Bill

Bill, I may, but I do not have plans for it at this point.

Wil

[John S. Rhodes]

If you use Amazon S3 and you haven't watched
this webinar, you are putting your entire business
at risk. It's that serious. Grab it now before Wil
decides to pull it down forever.

~ John

[terrysacia]

Wilson,

It's the 21st of July. Are you opening this up?

[Wilson Mattos]

Quote:

Originally Posted by terrysacia

Wilson,

It's the 21st of July. Are you opening this up?

Ooops. forgot to come re-open. thanks for the reminder. It's open now.

Wil

[drnet]

Hey Wil,

Thanks for this WSO, I have alot on Amazon And I do not want it leaked out. I appreciate you putting this together and the time is good as I just launched a membership and I am running alot of video off of S3...

DR Net

[Wilson Mattos]

Quote:

Originally Posted by sclark

Hey Wil,

Thanks for this WSO, I have alot on Amazon And I do not want it leaked out. I appreciate you putting this together and the time is good as I just launched a membership and I am running alot of video off of S3...

DR Net

Very cool. Thanks for buying.

This content is critical for folks with membership sites. If you have any questions, don't hesitate to ask!

Wil

[GavinStephenson]

Really great webinar thanks

[Wilson Mattos]

Quote:

Originally Posted by GavinStephenson

Really great webinar thanks

Gavin,

Thanks for the feedback. I am glad you enjoyed it!

Wil

[Mint-Tree]

Just wondering if anyone had report this problem to Amazon .

*And a more important question: are they planning to fix it any time soon?

EDIT: I hope it's not just hype , cuz you got me shell out 10 buckets for this .

[Wilson Mattos]

Quote:

Originally Posted by Mint-Tree

Just wondering if anyone had report this problem to Amazon .

*And a more important question: are they planning to fix it any time soon?

EDIT: I hope it's not just hype , cuz you got me shell out 10 buckets for this .

There is nothing to report to Amazon. The problem is NOT with Amazon S3. Amazon S3 is totally secure (no known threats at this time). The problem is with customer S3 "Configurations." Because of how every other tutorial out there teaches people how to do things.

One of the many things this tutorial teaches is how to use S3 properly to make sure your content is secure.

If you have EVER set the bucket, folder, or file permissions (ACL) to "Read by Everyone" or "Read by All Users" you MUST learn the stuff I teach to protect your content. This is the critical thing all other tutorials teach wrong! Of course, there is a lot of other content in the webinar as described above.

Of course, if you don't think the content is worth it, please take me up on my guarantee! :-)

If you have any questions, please do not hesitate to ask.

Wil

[graphicsgenie]

Wilson,

WOW! You have totally opened my eyes to using Amazon S3, there I go, thinking everything was secure. Well you've just shown me I was totally wrong!

Just about to launch a product that heavily relies on video content, I just wanted to make sure that what I was doing with S3 was ok. Well I'd say this was the most important purchase I've made this year.

Great webinar, great step by steps too for the non techie.

I highly advise if you are thinking of using Amazon S3, you really need to check this out.

Thanks again

Darren

[Wilson Mattos]

Quote:

Originally Posted by graphicsgenie

Wilson,

WOW! You have totally opened my eyes to using Amazon S3, there I go, thinking everything was secure. Well you've just shown me I was totally wrong!

Just about to launch a product that heavily relies on video content, I just wanted to make sure that what I was doing with S3 was ok. Well I'd say this was the most important purchase I've made this year.

Great webinar, great step by steps too for the non techie.

I highly advise if you are thinking of using Amazon S3, you really need to check this out.

Thanks again

Darren

Darren,

Thank you for the feedback. I am really glad I was able to help you secure your content!

Wil

[peterbras]

Hi

Can you plugin play "Fast start" video files?

How difficult is to upgrade the video player to the commercial version?

Thanks
Peter

[Wilson Mattos]

Peter,

If by "Fast Start" video files you mean files that will start playing before the entire file is cached by the player, then yes. As long as the MP4, MOV, or FLV file is properly encoded with the meta data at the start of the file, then the video will start playing after a a buffer time (which you can configure in the plugin settings). Note that if the file has the meta data at the end, there are some free tools to fix the file so that it can "fast start."

It is extremely simple to upgrade to the commercial player. You simply upload the commercial player file, then set a couple of options in the plugin settings page. The plugin allows easy customization of the commercial player, such as adding your own logo, creating a custom play button, etc.

In fact, I also sell significantly discounted commercial player licenses to S3FlowShield customers. See: S3FlowShield - Commercial (Brandable) Player License

Note: the commercial player licenses are not required. The free license included with the plugin can be used for any purpose without restrictions (such as commercial sites). The commercial player simply allows you additional functionality, such as branding the player with your own logo.

Wil

[alcatrav]

Just starting to use S3, Amazon's help system is woeful. Saw some tutorials, I was concerned about these type of recommendations I saw on all these different sites for making content publicly available.
Thanks for the info!

[Paul Irvine]

Exceptional webinar mate. This really does open your eyes as to how wrongly most people are learning how to configure Amazon S3 for their content. Talk about a potential bomb just waiting to go off.

Anyway, the content was awesome and detailed, no fluff in sight either which is a good but rare thing!

Cheers,
Paul.