Bind the custom domain name to the bucket default domain name

Step 1: Bind a custom domain name

According to the service provider of the domain name (available in Domain name information query (WHOIS) Page query) and the account (available in Cloud resolution DNS Console Query), refer to the corresponding steps to bind the domain name to OSS Bucket。

Step 2: Verify the custom domain name

After binding the user-defined domain name, when the user initiates a request through the user-defined domain name, the request will be resolved to the bucket default domain name through DNS. You can use nslookup or dig Command to verify whether the custom domain name resolution is effective.

 nslookup -type=CNAME static.example.com

 dig CNAME static.example.com

Step 3: Use a custom domain name

After the custom domain name resolution takes effect, you can use the HTTP The protocol and custom domain name structure contain the signature and validity URL，URL The format of is http://YourDomain/ObjectName? Signature parameters , and then use the URL visit OSS File.

1. Get pre signature URL。

   use OSS Console

   1. Sign in OSS Management Console 。

   2. single click Bucket list , and then click Target Bucket name.

   3. In the left navigation bar, select file management > File List 。

   4. On the file list page, click the target file name.

   5. stay details Panel Own domain name , select the bound custom domain name, keep the other default values, and then click Copy File URL 。

      

   Use graphical management tools ossbrowser

   ossbrowser support Object Level operations are similar to those supported by the console. Please follow ossbrowser Interface guidance is completed to obtain pre signature URL Operation of. How to download ossbrowser， See Graphical management tool Ossbrowser 2.0 (preview version) 。

   1. Log in with a custom domain name ossbrowser。

      

   1. get files URL。

      

   Using AliCloud SDK

   New using custom domain name OssClient And generate pre signature URL。

   Java

    import com.aliyun.oss.*; import com.aliyun.oss.common.auth.*; import com.aliyun.oss.common.comm.SignVersion; import com.aliyun.oss.model.GeneratePresignedUrlRequest; import java.net.URL; import java.util.Date; public class Demo { public static void main(String[] args) throws Throwable { // yourCustomEndpoint Please fill in your custom domain name. for example http://static.example.com 。 String endpoint = "yourCustomEndpoint"; //Please fill in the Region Information, such as cn-hangzhou String region = "cn-hangzhou"; //Fill in Bucket Name, for example examplebucket。 String bucketName = "examplebucket"; //Fill in Object Full path, such as exampleobject.txt。 Object The full path cannot contain Bucket name. String objectName = "exampleobject.txt"; //Get access credentials from environment variables. Please configure the environment variables before running this code example EnvironmentVariableCredentialsProvider credentialsProvider = CredentialsProviderFactory.newEnvironmentVariableCredentialsProvider(); //Create OSSClient example. //When OSSClient When the instance is no longer used, call shutdown Method to free resources. ClientBuilderConfiguration clientBuilderConfiguration = new ClientBuilderConfiguration(); //Note that the settings true open CNAME option clientBuilderConfiguration.setSupportCname(true); //Explicitly declare using the V4 signature algorithm clientBuilderConfiguration.setSignatureVersion(SignVersion.V4); OSS ossClient = OSSClientBuilder.create() .endpoint(endpoint) .credentialsProvider(credentialsProvider) .clientConfiguration(clientBuilderConfiguration) .region(region) .build(); try { //Specify the generated pre signature URL Expiration time, in milliseconds. This example sets the expiration time to one For example, hours. Date expiration = new Date(new Date().getTime() + 3600 * 1000L); //Generate pre signature URL。 GeneratePresignedUrlRequest request = new GeneratePresignedUrlRequest(bucketName, objectName, HttpMethod.GET); //Set expiration time. request.setExpiration(expiration); //Via HTTP GET Request to generate pre signature URL。 URL signedUrl = ossClient.generatePresignedUrl(request); //Print pre signature URL。 System.out.println("signed url for getObject: " + signedUrl); } catch (OSSException oe) { System.out.println("Caught an OSSException, which means your request made it to OSS, " + "but was rejected with an error response for some reason."); System.out.println("Error Message:" + oe.getErrorMessage()); System.out.println("Error Code:" + oe.getErrorCode()); System.out.println("Request ID:" + oe.getRequestId()); System.out.println("Host ID:" + oe.getHostId()); } catch (ClientException ce) { System.out.println("Caught an ClientException, which means the client encountered " + "a serious internal problem while trying to communicate with OSS, " + "such as not being able to access the network."); System.out.println("Error Message:" + ce.getMessage()); } finally { if (ossClient != null) { ossClient.shutdown(); } } } }

   Python

    # -*- coding: utf-8 -*- import oss2 from oss2.credentials import EnvironmentVariableCredentialsProvider #Get access credentials from environment variables. Before running this code example, make sure that the environment variable has been set OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET。 auth = oss2.ProviderAuthV4(EnvironmentVariableCredentialsProvider()) #Fill in Endpoint Corresponding Region Information, such as cn-hangzhou。 be careful, v4 Under signature, this parameter must be filled in region = "cn-hangzhou" #Fill in the custom domain name, for example static.example.com。 endpoint = ' http://static.example.com ' # yourBucketName Fill in the name of the storage space. bucket = oss2.Bucket(auth, endpoint, "yourBucketName", region=region, is_cname=True) #Fill in Object Full path, such as exampledir/exampleobject.txt。 Object The full path cannot contain Bucket name. object_name = 'exampledir/exampleobject.txt' #Generate pre signature of downloaded files URL， Valid for six hundred Seconds. #Generate pre signature URL When, OSS By default Object The forward slash (/) in the full path is escaped, resulting in the generated pre signature URL It cannot be used directly. #Settings slash_safe by True，OSS No Object The forward slash (/) in the full path is escaped, and the generated pre signature URL It can be used directly. url = bucket.sign_url('GET', object_name, 600, slash_safe=True, params=params) Print ('pre signature URL The address of is: ', url)

   Node.js

    const OSS = require("ali-oss"); //Define a function to generate a pre signed URL async function generateSignatureUrl(fileName) { //Get pre signature URL const client = await new OSS({ //Use custom domain name as Endpoint。 endpoint: ' http://static.example.com ',  //Get access credentials from environment variables. Before running this code example, make sure that the environment variable has been set OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET。 accessKeyId: process.env.OSS_ACCESS_KEY_ID, accessKeySecret: process.env.OSS_ACCESS_KEY_SECRET, bucket: 'examplebucket', // yourregion fill in Bucket Location. East China 1 (Hangzhou) as an example, Region Fill in as oss-cn-hangzhou。 region: 'oss-cn-hangzhou', authorizationV4: true, cname: true }); return await client.signatureUrlV4('GET', 3600, { Headers: {}//Please set the request header here according to the actual sent request header }, fileName); } //Call the function and pass in the file name generateSignatureUrl('yourFileName').then(url => { console.log('Generated Signature URL:', url); }).catch(err => { console.error('Error generating signature URL:', err); });

   PHP

    <?php if (is_file(__DIR__ . '/../autoload.php')) { require_once __DIR__ . '/../autoload.php'; } if (is_file(__DIR__ . '/../vendor/autoload.php')) { require_once __DIR__ . '/../vendor/autoload.php'; } use OSS\OssClient; use OSS\Core\OssException; use OSS\Http\RequestCore; use OSS\Http\ResponseCore; use OSS\Credentials\EnvironmentVariableCredentialsProvider; //Get access credentials from environment variables. Before running this code example, make sure that the environment variable has been set OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET。 $provider = new EnvironmentVariableCredentialsProvider(); // yourEndpoint fill in Bucket Corresponding to the region Endpoint。 East China 1 (Hangzhou) as an example, Endpoint Fill in as http://static.example.com 。 $endpoint = " http://static.example.com "; //Fill in Bucket name. $bucket= "examplebucket"; //Filling does not include Bucket Name included Object Full path. $object = "exampleobject.txt"; //Specify pre signature URL Expires on 600s (up to 32400s）。 $timeout = 600; try { $config = array(   "provider" => $provider, "endpoint" => $endpoint, 'signatureVersion'=>OssClient::OSS_SIGNATURE_VERSION_V4, "cname"	=> true, "region"=> "cn-hangzhou" ); $ossClient = new OssClient($config); //Generate pre signature URL。 $signedUrl = $ossClient->signUrl($bucket, $object, $timeout, "GET"); print_r($signedUrl); } catch (OssException $e) { printf(__FUNCTION__ . ": FAILED\n"); printf($e->getMessage() . "\n"); return; }

   Go

    package main import ( "context" "flag" "log" "time" "github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss" "github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss/credentials" ) //Defining Global Variables var ( Region string//Storage area BucketName string//The name of the storage space ObjectName string//Object name ) // init Function to initialize command line parameters func init() { flag.StringVar(&region, "region", "", "The region in which the bucket is located.") flag.StringVar(&bucketName, "bucket", "", "The name of the bucket.") flag.StringVar(&objectName, "object", "", "The name of the object.") } func main() { //Resolve command line parameters flag.Parse() //Check bucket Whether the name is empty if len(bucketName) == 0 { flag.PrintDefaults() log.Fatalf("invalid parameters, bucket name required") } //Check region Is it empty if len(region) == 0 { flag.PrintDefaults() log.Fatalf("invalid parameters, region required") } //Check object Whether the name is empty if len(objectName) == 0 { flag.PrintDefaults() log.Fatalf("invalid parameters, object name required") } //Load the default configuration and set the credential provider and region cfg := oss.LoadDefaultConfig(). WithCredentialsProvider(credentials.NewEnvironmentVariableCredentialsProvider()). WithRegion(region). WithEndpoint(" http://static.example.com "). WithUseCName(true) //Create OSS client client := oss.NewClient(cfg) //Build GetObject Pre signature of URL result, err := client.Presign(context.TODO(), &oss.GetObjectRequest{ Bucket: oss.Ptr(bucketName), Key:    oss.Ptr(objectName), //RequestPayer: oss.Ptr("requester"), //Specify the identity of the requester }, oss.PresignExpires(10*time.Minute), ) if err ! = nil { log.Fatalf("failed to get object presign %v", err) } log.Printf("request method:%v\n", result.Method) log.Printf("request expiration:%v\n", result.Expiration) log.Printf("request url:%v\n", result.URL) if len(result.SignedHeaders) > 0 { //Use pre signature when the returned result contains pre signature header URL send out GET The request also contains the corresponding request header to avoid inconsistency, which may lead to request failure and pre signature error log.Printf("signed headers:\n") for k, v := range result.SignedHeaders { log.Printf("%v: %v\n", k, v) } } }

   Using Command Line Tools ossutil

   Use a custom domain name through Presign URL） Pre signature of command generation file URL。

    ossutil presign  oss://examplebucket/exampleobject.txt  --endpoint " http://static.example.com ” --addressing-style "cname"

   if need ossutil The command automatically uses the custom domain name, instead of manually specifying the custom domain name in the command each time, you can use the configuration file Add a custom domain name in,

2. Access pre signature in browser URL。

   

adopt HTTPS Protocol Access OSS file

The custom domain name is not configured SSL In the case of certificates, it is not supported by default HTTPS Protocol access. adopt HTTPS When the protocol accesses the custom domain name, the browser will display an insecure connection warning. To pass HTTPS Protocol Access OSS File, you need to customize the domain name Configure Certificate 。

Use long-term valid without signature URL visit OSS file

You can set the file as public read in the following two ways:

• Set the file as public read : Set the permissions of OSS files to public read. In this case, the URL of the file will not be valid, and anyone can access it. To prevent files from being stolen by other websites, you need to configure them in OSS Anti-theft chain 。

• CDN accelerate OSS resources : Keep OSS file permissions private and provide public read access through CDN. In this case, the URL of the file will not be valid, and anyone can access it. To prevent files from being stolen by other websites, you need to configure them on the CDN Anti-theft chain 。

prevent OSS Files are stolen by other websites

By default, any website can display your OSS File, which may result in additional request fees and downlink traffic fees. You can use the Anti-theft chain , setting Referer Blacklist or whitelist to restrict access sources. After the immobilizer is configured, unauthorized websites will not be able to display your OSS At the same time, failed requests will not incur request fees and downlink traffic fees.

use OSS Hosting static websites

If you use OSS As a server for static websites, it directly stores and provides static files (such as HTML、CSS、JavaScript ) so that users can access these contents through the Internet. In addition to binding a custom domain name, you also need to Bucket set up Static website hosting 。

promote OSS File download speed in different regions

The files in the OSS bucket are stored in a region (such as Hangzhou). To improve the speed of downloading OSS files for users in different regions, you can use the CDN accelerate OSS . ON CDN After acceleration, OSS files will be distributed to CDN cache nodes in all regions. When users access files, they can obtain content from cache nodes closer to them, thus effectively improving the download speed.

promote OSS Long distance file transmission speed

The files in the OSS bucket are stored in a region (such as Hangzhou). When non mainland users visit, the upload and download experience may be very poor due to the long transmission distance. To improve the long-distance transmission speed of OSS files, you can enable Transmission acceleration , bind the custom domain name to the OSS transport acceleration domain name instead of Bucket Default domain name.