Whitelisting Files.com Storage Service
Files.com uses secure, regional cloud storage to hold customer files. This storage layer operates separately from the web and protocol endpoints that users interact with directly. When your organization restricts access to online file-sharing services, it can inadvertently block access to the Files.com storage layer as well. Even if you have already whitelisted the IP addresses and application endpoints needed to access the platform, file transfers will fail until the storage URLs are reachable. These URLs represent the actual storage locations where Files.com stores and retrieves your encrypted files.
This behavior is expected and standard for the Files.com platform. Files.com is designed as a distributed, cloud-native system that uses Amazon S3 as its primary storage provider. All data uploaded to Files.com, regardless of the method or protocol used, is ultimately stored in these regional S3 locations under Files.com’s management. The URLs associated with each region are specific to Files.com and are not used by any other service. They serve as the storage endpoints that handle data retrieval and delivery operations for your site.
These storage URLs are static per region. The base URLs listed below do not change over time, and they remain consistent for each Files.com storage region. Files.com manages these URLs and the underlying S3 buckets exclusively, and all connections to these endpoints use encrypted HTTPS. This ensures both predictability for network configuration and complete data security during transit.
Understanding Storage URLs and Protocol Behavior
When users upload or download files through Files.com, the transfer process can involve both the Files.com application layer and the storage layer, depending on how the connection occurs. Files.com automatically handles this interaction, ensuring secure and efficient delivery of your files.
For web-based access, the Files.com Web Application and Desktop App securely upload or download files to and from the appropriate storage URL for your region. These applications communicate with the Files.com service endpoints first, which then coordinate the transfer directly to the Amazon S3 storage layer. For example, when a user uploads a file via the web interface, Files.com temporarily authorizes the client to send the encrypted data directly to the storage endpoint.
Protocol-based connections, such as SFTP, FTP/FTPS, and WebDAV, do not interact with the S3 storage URLs directly. Instead, Files.com processes these transfers through its own managed protocol servers, which then write or retrieve data from the storage layer internally. This design allows protocol users to benefit from Files.com’s security and performance optimizations without requiring additional network configuration.
All access methods, whether through the API, web app, automations, or integrations, ultimately store data in these Amazon S3 locations. However, only HTTPS-based communication with the storage URLs occurs directly between client systems and S3. Ensuring access to these URLs allows the web, API, and integration components of Files.com to complete file transfers securely and efficiently.
Whitelisting Files.com Storage URLs
Each Files.com storage region corresponds to a distinct and permanent Amazon S3 URL pattern. These URLs identify the regional endpoints where Files.com stores your encrypted file objects. To maintain full functionality, your network or firewall configuration must allow secure outbound HTTPS access to the URLs that match your region.
If your organization uses Regional Storage to limit data to a specific region and Global Acceleration is disabled, you can restrict access to only the storage URLs that match that region. If your site operates across multiple regions or uses default storage settings, allowing all regions ensures uninterrupted access even if your configuration changes in the future.
| Storage Region | Storage URL Begins With |
|---|---|
| USA, Virginia | https://s3.amazonaws.com/objects.brickftp.com/ |
| Canada, Toronto | https://s3-ca-central-1.amazonaws.com/objects-ca-central-1-brickftp-com/ |
| Australia, Sydney | https://s3-ap-southeast-2.amazonaws.com/objects-ap-southeast-2-brickftp-com/ |
| EU - Germany, Frankfurt | https://s3-eu-central-1.amazonaws.com/objects-eu-central-1-brickftp-com/ |
| UK, London | https://s3-eu-west-2.amazonaws.com/objects-eu-west-2-brickftp-com/ |
| Japan, Tokyo | https://s3-ap-northeast-1.amazonaws.com/objects-ap-northeast-1-brickftp-com/ |
| Singapore | https://s3-ap-southeast-1.amazonaws.com/objects-ap-southeast-1-brickftp-com/ |
All storage URLs are managed by Files.com and hosted exclusively within Files.com’s dedicated Amazon S3 environments. No customer has direct S3 account access; all communication with these endpoints occurs through Files.com’s authenticated and encrypted systems.
If your organization’s network security policies filter traffic based on domain categories or URLs, configure those filters to allow HTTPS access to these storage endpoints. Doing so enables your users and integrations to continue transferring files securely without compromising compliance or control.