Steps to Create a Secure Link

Overview

VergeCloud allows you to generate secure links for files that are protected from unauthorized access. The process involves creating a hash based on the visitor's IP, file path, expiry timestamp, and a secret key. This document will guide you through the steps to create a secure link and use it effectively.

Step 1: Create a New Page-Rule

First, you will need to create a new page-rule. This rule can also be configured for wildcard URLs if you want to apply it to multiple paths or files.

   

 

Step 2: Generate a New Hash for the Visitor

To generate a secure link, you'll need to create a hash that includes the visitor's IP address, the file path, an expiry timestamp, and a secret key. This hash is used to verify the authenticity of the link request.

 

Information Required :

Visitor's IP Address

File Path

Expiry Timestamp

Secret Key

Example:

Visitor IP Address: 14.143.179.162

Path: /Logos-38.png

Expire timestamp: 1865746809

Key: 123456

 

Command to Get Visitor IP:

You can use the following command to get the visitor's IP address (using curl):

 

1. curl ifconfig.io -4
   

 

Example output:

14.143.179.162 

 

Command to Generate the Hash:

To create the hash, use the md5sum command with the visitor's IP address, file path, expiry timestamp, and key concatenated together. Here's how you can do it:

 

echo -n "14.143.179.162 /Logos-38.png 1865746809 123456" | md5sum

 

Example output:

5e87dfa7cf51e8bd2212d0a15cfeac37  -

 

Step 3: Access the Secure Link

Now that you have the generated hash, you can create the secure URL to access the file. The format for the secure URL is as follows:

https://files.vergecloud.cloud/{path}?hash={generated_hash}&expires={expiry_timestamp}

 

Using the example above, the URL will look like this:

https://files.vergecloud.cloud/Logos-38.png?hash=5e87dfa7cf51e8bd2212d0a15cfeac37&expires=1865746809

 

Step 4: Testing the Secure Link

To test the link, you can use the curl command:

 

Without the hash:

curl https://files.vergecloud.cloud/Logos-38.png -D - -o /dev/null

 

You should receive an HTTP 403 Forbidden response, indicating the link is not accessible without the correct hash.

 

Response Headers

1. HTTP/2 403
2. date: Mon, 24 Mar 2025 08:54:03 GMT
3. content-type: text/html
4. content-length: 3083
5. vary: Accept-Encoding
6. content-security-policy: upgrade-insecure-requests
7. server: vergecloud
8. server-timing: total;dur=3
   
9. x-served-by: 7500
   

 

 

 

With the hash:

curl"https://files.vergecloud.cloud/Logos-38.png?hash=58c373dfdac9d9751fd37e32e74a8fe7&expires=1743417364" -D - -o /dev/null

 

You should receive a successful HTTP 200 response and the file will be accessible.

 

 Response Headers:

1. HTTP/2 200
2. date: Mon, 24 Mar 2025 08:54:28 GMT
3. content-type: image/png
4. content-length: 14759
5. last-modified: Mon, 24 Mar 2025 08:49:13 GMT
6. x-rgw-object-type: Normal
7. etag: "654df29e14dd9ce1058a34c617bcba3f"
8. x-amz-request-id: tx00000f7200ea656c73f40-0067e11dc4-b0489ea-blr1a
9. vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
10. strict-transport-security: max-age=15552000; includeSubDomains; preload
11. x-xss-protection: 1; mode=block
12. server: vergecloud
13. server-timing: total;dur=12
14. x-cache-status: BYPASS
15. x-served-by: 7500
16. accept-ranges: bytes

 

 

API Reference

https://api.vergecloud.com/docs#tag/page-rule/put/v1page-rulesdomainid

By following these steps, you can generate

secure links for your files in Verge Cloud, ensuring they are accessible only to authorized visitors based on the hash you’ve created. Always test the link to verify that it is functioning correctly before sharing it.

Troubleshooting

 Common Issues:

403 Forbidden Error: This typically means that the hash or expiration timestamp is incorrect. Double-check that the generated hash matches the required parameters.

Expired Link: If the expiration timestamp has passed, the link will no longer work. Ensure that the expiration time is valid and hasn’t expired.

 

• Related Articles

• Steps to Activate Cloud Icon for VergeCloud

  Overview Before you activate the Cloud icon for your domain in VergeCloud, it’s important to make sure your server and DNS setup are fully prepared to work with the platform. Turning on the Cloud icon changes the way traffic reaches your website, ...

• Page Rules

  Overview VergeCloud Page Rules allow you to customize and fine-tune how your domain behaves within the VergeCloud CDN ecosystem. They give you granular control over performance, security, caching, redirects, and request handling at the edge. Instead ...

• Account Creation

  Overview Welcome to VergeCloud. This guide will take you through the process of creating your VergeCloud account, adding your first domain, selecting a suitable plan, and completing your initial order. Whether you are new to content delivery networks ...

• Steps to Build an SSL Certificate Trust Chain

  Overview For your website to work reliably over HTTPS across all browsers, devices, and operating systems, it's not enough to install only your primary SSL certificate. You must install the full trust chain, which includes your certificate, the ...

• Activate Free SSL Certificate

  Overview Securing your website with HTTPS is one of the most important steps you can take to protect your users and build trust. VergeCloud makes this extremely simple by offering a free SSL certificate that is automatically issued and renewed. The ...