When you use Content Delivery Network (CDN) from Alibaba Cloud or a third party to retrieve an object from Object Storage Service (OSS), a similar error is returned if the endpoint mapped to the specified bucket is incorrect. The error information contains the public endpoint of OSS. The public endpoint of OSS is exposed, which causes information leakage and security risks.

FAQ
To hide the public endpoint of OSS, use the following methods:
  • Use static website hosting to configure the default 404 page

    Use static website hosting to configure the default 404 page. Example of the 404 page: https://help.error.html. After you configure the 404 page, OSS returns the default 404 page if the OSS resource you want to access by CDN does not exist. For more information, see Configure static website hosting.

  • Use CDN EdgeScript to rewrite or redirect requests
    For example, when you request OSS and OSS returns the 403 HTTP status code, you can use the following EdgeScript rule to redirect the back-to-origin and cached URL to https://www.error.html:
    if eq($status,403){
      rewrite('https://www.error.html, 'redirect')
    }

    You can replace the status code and the redirected URL in the preceding EdgeScript rule with actual values.

    For more information, see Customize rewrites or redirects.