Configure HTTPS
To access Object Storage Service (OSS) resources over HTTPS using a custom domain name, purchase an SSL certificate and host it in OSS. For more information, see Access OSS over HTTPS.
Force HTTPS
By default, OSS accepts both HTTP and HTTPS requests. To block unencrypted traffic, configure a bucket policy that denies all non-HTTPS requests.
The following policy denies any request to examplebucket that does not use HTTPS. Replace 175708322470**** with the bucket owner's UID and examplebucket with the actual bucket name.
{
"Version": "1",
"Statement": [{
"Effect": "Deny",
"Action": [
"oss:*"
],
"Principal": [
"*"
],
"Resource": [
"acs:oss:*:175708322470****:examplebucket",
"acs:oss:*:175708322470****:examplebucket/*"
],
"Condition": {
"Bool": {
"acs:SecureTransport": [
"false"
]
}
}
}
]
}For more information about elements involved in policy syntax, see RAM Policy.
For more information about bucket policies, see Configure bucket policies to authorize other users to access OSS resources.
该文章对您有帮助吗?