I am using Tileserver-GL for rendering vector tiles to web and mobile. For web, I am using Mapbox JS API GL and for Mobile, I am using Mapbox android SDK. Currently, I am using flat URL given by Tileserver-GL like
http://1.1.1.1:8080/data/v3/{z}/{x}/{y}.pbf
or for mobile use
mapView.setStyleUrl("http://1.1.1.1:8080/styles/bright/style.json");
but as you can see this URL is open and anyone can access it.
Since we are not using Mapbox Access Token, how can we protect our Url from public to abuse?
Answer
From the docs
Deployment
Typically - you should use nginx/lighttpd/apache on the frontend - and the tileserver-gl server is hidden behind it in production deployment.
Securing
Nginx can be used to add protection via https, password, referrer, IP address restriction, access keys, etc.
No comments:
Post a Comment