1. Scaleflex Help Center & FAQ
  2. General Questions
  3. Security, Performance and Availability

Can I sign my URLs?

Avatar
Daksh G. [Scaleflex]

Cloudimage provides URL security to protect your images from unauthorized access and prevent URL tampering. You can use URL Signature or URL Sealing depending on your security needs.

Both features can be activated directly from your Cloudimage Admin.

 How to enable URL security

You can activate and manage URL security settings directly in your Cloudimage Admin:

Go to Cloudimage Admin → Image Settings → Security

  1. Log in to your Cloudimage Admin account.

  2. Open your project and go to Image Settings → Security.

  3. Click the toggle button to enable URL Security

  4. Choose URL Signature or URL Sealing.

  5. Define your Salt (private key used to generate signatures).

  6. Click Add and Save changes.

Important: Once URL security is enabled, all unsigned URLs will stop working. Update your URLs before turning this feature on.

URL Signature

Purpose: Protects your entire Cloudimage URLs from tampering and misuse.

When URL signature is enabled, every Cloudimage URL must include a valid signature generated with your Salt. The signature ensures the URL cannot be modified without authorization.

How the signature is generated:

Signature = sha1('Salt' + 'URI')
Where:

  • Salt = a private string you define in Cloudimage Admin. Keep it secret, as it is used to generate all signatures.

  • URI = original_image_url?operations&filters

Example URL:

https://<token>.cloudimg.io/<original_image_url>?operations&filters&ci_sign=<Signature>

 

URL Sealing

Purpose: Locks specific image transformations (e.g., watermarks, filters) to prevent end users from removing them.

URL sealing only protects the parameters defined in the ci_eqs value, allowing you to append additional parameters (like resizing) without regenerating the signature.

How the sealing is generated:

Signature = sha1('URI' + 'ci_eqs' + 'Salt')

Where:

  • URI = original_image_url

  • ci_eqs = base64-encoded version of your transformation query string

  • Salt = your private key (defined in Admin)

Example URL:

https://<token>.cloudimg.io/<original_image_url>?ci_eqs=<encoded_string>&ci_seal=<Signature>
 

Need Help?

Contact our Support Team at hello@scaleflex.com and include:

  • Your Cloudimage token
  • Short description of the issue (including URLs, screenshot, short video if available)
  • Steps to reproduce the issue.

 

 

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

See more