Cloudinary Blog

Blog posts of 'Security' tag
Authentication via cookies for session-based access control

Controlling who can access your images and videos, and when, can be an important concern for your business and security workflow. You may have resources that you only want some of your users or employees to access, or you may need to make sure that your original resources are secure, and only transformed (edited) versions of your resources are delivered, e.g., with a watermark or logo displayed.

Cloudinary prides itself on the wide range of manipulations available via dynamic URLs, and there are huge benefits to using on-the-fly dynamic manipulations to deliver your public resources. But this flexibility for delivering resources may be too permissive in certain situations because simply changing or removing a dynamic Cloudinary URL parameter can deliver a new image on-the-fly. This can result in users tweaking a URL in order to access the original version of images, for example to view an image without the added watermark, minus the cropping parameters that have isolated a specific face in the image, or without the pixelate_faces effect hiding people's identity, etc.

Read more
Cloudinary now delivers images and videos over HTTP/2

Even though websites have changed dramatically over the years – from simple text-based pages to advanced in-browser apps full of images and videos – the underlying HTTP protocol really hasn’t changed - until recently, with the approval of the HTTP/2 protocol by the IETF. Today Cloudinary is proud to announce, as part of a CDN infrastructure upgrade, general availability of HTTP/2 support in our image and video management solution. This will help you optimize the user experience on your app or website even more.

Read more
Different methods to deliver your images via HTTPS

Are you delivering your site via HTTPS or considering it? You're not alone - in 2015 the number of sites running on HTTPS almost doubled. Both consumers and web developers are now much more aware of the value of the humble green lock displayed in the address bar. The benefits of using HTTPS extend beyond the customer’s safety, to SEO boosts, and advanced functionalities that are only available when delivering via HTTPS, such as HTTP/2 and WebRTC.

Read more
Secure image manipulation with signed URLs
Modern web sites and mobile applications frequently showcase a rich set of images with various sizes and dimensions. Such services can even have their graphics, image resolutions and overall look & feel vary between different devices (desktop, mobile, etc.), and may change dramatically with constant upgrades.
Read more