Encrypted links are a way of protecting your content from “hot-linking” and also setting variables on a per-link basis (such as a speed limit).

They require the site owner to add an encrypted string to their URLs in their server-side code using a private key. When these links are requested by a client, the CDN decodes them using the same private key. Therefore they cannot be altered by any clients.

To enable encrypted links, you must first set the Encrypted URL Key variable on your site or live zone.

edit site encrypted url key

Set it to something secure which can’t be easily guessed.

set encrypted url key

Once set, all URLs referring to content on this site must be encrypted; normal URLs will not work.

To use encrypted links, you must configure the server-side code on your web application to encrypt links when generating the html page which contains them. The first step is to create a string containing a series of variable=value pairs, separated by semicolons.


This string is then encrypted with AES-128-CBC encryption using the key that you defined.
The output from the encryption will be a byte array which should then be hexadecimal encoded.
The hex string is then used as part of the URL.


The encrypted string can also be supplied in a cookie named HiberniaCDNEncrypted instead of in the URL

curl -o /dev/null –header “Cookie: HiberniaCDNEncrypted=HEXSTRING” http://cdn.yoursite.com/file.ext

A full list of available variables is available here: Encrypted Links Variables

To try/test encrypted links you can use our Encrypted Link Generator tool

Encrypted Link Generator

Leave a Reply

Your email address will not be published. Required fields are marked *