topic How to Avoid Direct Amazon S3 URLs for HubSpot CTA Redirects? in CMS Development

How to Avoid Direct Amazon S3 URLs for HubSpot CTA Redirects?

Flaval — Wed, 21 May 2025 07:53:54 GMT

Hi there,

The Security Scorecard tool has flagged a concern on our website (upply.com). One of the Call-To-Actions (CTA) in our navigation bar appears to reference an Amazon S3 URL directly:

https://hubspot-cta-redirect-eu1-prod.s3.amazonaws.com/cta/redirect/26644154/7d77efac-f858-4f82-8623-06bc1352d5a2

This direct reference to Amazon S3 negatively impacts our global security score. As a best practice, it’s generally recommended to route such assets through a branded subdomain rather than exposing the raw S3 URL (e.g., hubspot-cta-redirect-eu1-prod.s3.amazonaws.com).

Our questions are:

Is there a way to configure HubSpot to use a custom/branded subdomain or CNAME for these CTA redirect links instead of the default Amazon S3 URL?
If not directly configurable via HubSpot, would this require intervention from our infrastructure/DevOps team, or is there a recommended workaround?

This issue was last observed on May 19, 2025, and is still open. We’ve reached out to HubSpot CSMs, but they haven’t been able to provide a definitive answer.

Any insights or recommendations would be greatly appreciated!

Re: How to Avoid Direct Amazon S3 URLs for HubSpot CTA Redirects?

TomM2 — Wed, 21 May 2025 10:00:00 GMT

Hey @Flaval at the momenr there's no way to customise the redirect URLs used by CTAs as they're a part of the HubSpot infrastructure and not managed user side.

Could you use the browser based tracking instead of the redirect based tracking instead?

Re: How to Avoid Direct Amazon S3 URLs for HubSpot CTA Redirects?

Flaval — Thu, 22 May 2025 08:13:32 GMT

Hey @TomM2, thanks for the answer! We tried to find without success where is located this screen you have exactly?

Re: How to Avoid Direct Amazon S3 URLs for HubSpot CTA Redirects?

TomM2 — Thu, 22 May 2025 09:00:52 GMT

Within the new CTA editor it should be under the "options" tab

Re: How to Avoid Direct Amazon S3 URLs for HubSpot CTA Redirects?

ABäckström — Wed, 25 Feb 2026 15:59:53 GMT

Hi @TomM2 - Is there a workaround for this if you still use the legacy CTA editor? We're experiencing the same issue on our end, but all of our CTAs are in the legacy editor because they're customized with our own font, something the new editor doesn't allow us to do.

Re: How to Avoid Direct Amazon S3 URLs for HubSpot CTA Redirects?

Victor_Becerra — Thu, 05 Mar 2026 14:58:42 GMT

Hey there @ABäckström, and thank you for posting your question!

As @TomM2 says, CTA redirect URLs are part of HubSpot’s infrastructure and can’t be customized.

As for workarounds, there is this Idea post discussing CTA URL behavior, where a user shares a manual code workaround:
https://community.hubspot.com/t5/HubSpot-Ideas/Allow-dynamic-parameters-in-CTA-URL/idi-p/39523

My recommendation is to create a new Idea post focused on your specific use case for the product team to take note.

Finally, I want to tag a couple of community members to share more insights. Hey there @RubenBurdin and @GRajput, I hope you're having a great week! Any additional thoughts?

Thanks!

Victor