We’re transitioning to virtual hosted style URLs for all new buckets created
after February 19, 2025. For new buckets, we will stop supporting path style
URLs. Buckets created before February 19, 2025 will continue to work with either
path style or virtual host style URLs.
The path style URL looks like this:
https://fly.storage.tigris.dev/tigris-example/bar.txt
The virtual host style URL looks like this:
https://tigris-example.fly.storage.tigris.dev/bar.txt
With the path style URL, the subdomain is always fly.storage.tigris.dev
. By
moving to virtual host style URLs, the subdomain is specific to the bucket. This
additional specificity allows us to make some key improvements for security and
scalability.
Why make this change now?
Recently some ISPs blocked the Tigris subdomain after
malicious content was briefly shared
using our platform. Though we removed the malicious content, the subdomain was
the common denominator across several reports and added to blocklist maintained
by security vendors. This block of our domain resulted in failed downloads on
several ISPs with unclear error messages. Either the DNS resolved to another IP
not owned by Tigris, or there were connection errors that implied a network
issue. We’re sure this was frustrating for folks to debug.
We have been working with the security vendors to remove our domain from their
blocklists. However, the long term solution is to move to virtual hosted style
URLs so that the subdomains are no longer the common denominator when
identifying content.
How does this impact your code?
You’ll need to update your code anywhere you have path based access like for
presigned URLs. You’ll also need to configure your S3 client libraries to use
the virtual hosted style URL. Some examples are below. If we’ve missed your
framework, please reach out, and we’ll help.
- Python
- Go
- .NET
- Ruby
- JavaScript
- Elixir
svc = boto3.client(
's3',
endpoint_url='https://fly.storage.tigris.dev',
config=Config(s3={'addressing_style': 'virtual'}),
)
sdkConfig, err := config.LoadDefaultConfig(ctx)
if err != nil {
log.Fatalf("Couldn't load default configuration. Here's why: %v", err)
return
}
svc := s3.NewFromConfig(sdkConfig, func(o *s3.Options) {
o.BaseEndpoint = aws.String("https://fly.storage.tigris.dev")
o.Region = "auto"
o.UsePathStyle = false
})
IAmazonS3 s3Client = new AmazonS3Client(
new AmazonS3Config {
ForcePathStyle = false,
ServiceURL = "https://fly.storage.tigris.dev"
}
);
s3 = Aws::S3::Client.new(
region: "auto",
endpoint: "https://fly.storage.tigris.dev",
force_path_style: false,
)
const S3 = new S3Client({
region: "auto",
endpoint: "https://fly.storage.tigris.dev",
s3ForcePathStyle: false,
});
config :ex_aws, :s3,
scheme: "https://",
host: "fly.storage.tigris.dev",
region: "auto",
virtual_host: true
NOTE: There is a known bug with
ex-aws that prevents bucket-less calls like ListBuckets from working, however
most other calls work.
With this move to virtual hosted style URLs, we’re undoubtedly going to break
some existing workflows as new buckets are created. If this creates a hardship
on you, please contact us at help@tigrisdata.com and we'll find a solution.
Want to try Tigris?
Make a bucket and store your models, training data, and artifacts across the globe! No egress fees.