Oopps, I got the issue back in 8:00 am(JST), which is same as 7pm(EST).


It used to work fine last night in Japan, but not working this morning.
I’m sure this issue is caused NOT by my side since I have recreated all AWS setting. Time relevant issue must be resolved asap.


@levon this bug was reported almost two months ago and still isn’t resolved. Please take a look at this issue during the times stated on this thread. 8pm-12am EST. This is an issue with time stamps.

1 Like

yes, I understand and sincerely apologize for the situation. It turned out to be more complicated than we expected, so it’s taking a bit more time. Please bear with us while we are trying to solve this :pray: hopefully we’ll figure out something by the end of this week.


Are there plans to make the AWS S3 a bit more secure by using API keys instead of having to make the bucket public?

We have already made some improvements regarding the security, they are all on the bucket level however and it doesn’t look like implementing api keys would make it even more secure. Please check our updated docs to learn about the security measures that are in place.

Hello everyone! @jeffmccutcheon @crtcreative @oiplive @rio

We worked on the update to fix the “The authorization header is malformed” error . Please upgrade to latest version, place elements on page, refresh the app and give it a try.
Thanks for patience and understanding.

If something may seem wrong please report it! Thanks.

Here’s a few items uploaded to AWS during midnight using demo page:

Zeroqode Team.


successful upload at 10:30pm! (prior to this is was down between 8-12 for me.


1 Like

Hello everyone!

With the latest update of AWS plugin, you can use the latest documentation for the S3 bucket configuration ( In simple words, you can now go to your bucket “Permissions” tab and configure it.

  1. “Block public access” - you can block all the public access from this tab just turning on the "Block all public access " checkbox.

  2. “Access Control List” - here you can block access for the “Everyone” group just unchecking “List Objects” and “Write Objects” checkboxes.

  3. “Bucket Policy” - here you can test with your configurations according to AWS S3 documentation. We recommend you to use the basic configuration from our documentation.

  4. “CORS Configurations” - use recommended configurations from our documentation.

Zeroqode Team.

1 Like

@ZeroqodeSupport Even if we set our bucket permissions to “block public access”, aren’t our buckets still vulnerable because your plugin requires us to enable access to unauthenticated identities via Cognito?

Can you please confirm whether random people could still access our buckets due to this Cognito setting? And, if so, is there anything we can add to the IAM role policies to minimize such access?

Thank you in advance.

Hello @dominic, Unfortunately, more secure than in application made by instructions in our documentation it couldn’t be, but random people don’t have access to your bucket and couldn’t gain it if you made all the settings according to our docs.

Thank you.

Thanks for clarifying, @ZeroqodeSupport.