How Filestack works

Infrastructure and Interface

In order to provide customers and their users with low latency and maximum performance, Filestack maintains global infrastructure with main datacenter and database hosted in Nort Virginia, USA. All systems are built to ensure maximum reliability and scalability along with performance and security.

Filestack currently handles billions of uploads, transformations and downloads every month and our goal is to provide safe and secure system that will allow users to manage their files in fast with no errors.

All Filestack features are currently available over HTTP protocol through the carefully crafted UI integrations (web and native) and APIs.

Uploads and Storage

Filestack by default stores your files in its own S3 bucket hosted in N.Virginia but you have choice to use your own S3 bucket (in any region) or any other storage provider that we have integrated with (Google Cloud Storage, Dropbox, Rackspace, Azure). This also applies to files uploaded programatically using Filestack’s SDKs and REST API.

When your users upload files, most of the time bytes will be sent directly from the browser to the S3 bucket. This is important for performance and compliance reasons. If you decide to use other storage than S3, your files will first get stored in the Filestack’s S3 bucket and then they will be moved asynchronously to your destination storage.

If your users would like to upload files from cloud integrations in the File Picker, they have to authenticate with selected service first and authorize OAuth2 application to have access to their resources. Once done, Filestack backend will download selected files from cloud integration API and store it in your storage.

For every uploaded file you will receive unique URL that points to Filestack CDN. You can use that URL in your application (as is or transformed using Filestack Processing API).

Unique part of the URL, is what we call handle. This is the unique identifier of the file in Filestack system. You can use handle when you interact with Filestack REST API and for example get file metadata or remove it from the system if no longer needed.

Where to go for more information:

Delivery and Transformations

As mentioned above, once the file is uploaded you will receive a unique URL that you can use to deliver and transform that file in your application. When your file (or it’s transformed version) is requested by a user, Filestack’s backend will download it from the storage location and it will deliver it using Content Delivery Network to your users. CDN consists of global network of servers that temporairly cache your files so that they are not downloaded from Filestack (and your storage) every time someone requests it but instead they are delivered from cache server closer to the user. This ensures great performance, low latency and reduced data transfer fees.

Files are cached in the CDN for 30 days (with some exceptions) but you can change that behaviour using Processing API. Also if you transform your files, result of the transformation will be kept for 30 days in Filestack’s internal cache layer. File transformations are computationally expensive so we keep those results to improve performance and your users experience.

You don’t have to upload files with Filestack to use our CDN and Processing API. You can use any file that is available over HTTP protocol that is in the public network or you can configure Storage Alias that will let you use files from your existing storage without a need to re-upload them.

Where to go for more information:

Security and Data Protection

Security and Data Protection are very important for us at Filestack. We ensure that our infrastructure is secured and that your data is kept safe.

Because we deal with user generated content most of the time, security and data protection is a shared responsibility. By default your Filestack integration is public. It means there are no constraints where your files are uploaded and delivered from. That’s why Filestack provides its customers with set of tools like (Security Policies and Domain Whitelists) that allow for complex and granular control over what, where and when can be done (and by whom).

Filestack is compliant with GDPR and Privacy Shield.

Where to go for more information: