Results 1 to 7 of 7

Thread: limiting the ability to serve our vod streams to exclusively *our* domains

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1

    Red face limiting the ability to serve our vod streams to exclusively *our* domains

    I apologize in advance if this is the wrong section, but as we serve exclusively vod streams, i figure this is a good starting place.

    We're using the latest version of wowza (3.5.2 i believe), along with jwplayer 6.2 in our setup.

    We're serving HLS (for iOS), RTSP (for android, via a link outside of jwplayer), and RTMP streams (for flash user, the odd android user that has flash) in our setup.

    Our website environment will be wordpress based, using a members management system that doesn't involve any .htaccess authenticated "members area", but rather limits access to pages / posts on the website based on member levels assigned to them within wordpress' user management (i.e. "Magic Members").

    We're not concerned with actually protecting the content we stream, in fact underneath the media player we're providing download links to the files we stream.

    What we are concerned with is the ability for people to just copy / paste our player code, and stream our content on their website / any external site outside of our network (i guess you would call it hotlinking).

    Here is where our main issue lays: atm (we're still in dev stages for our site), we are linking to the "cloud hosted" version of jwplayer, and we were not able to get our streams working (cross domain issues) until we allowed the server domain that the cloud hosted player resides on in the crossdomain.xml file residing on our wowza setup.

    This config though means that anybody can basically copy / paste our jwplayer code and serve it on their pages and the streams will work (i tried it on another domain), and so it obviously poses a really huge risk in terms of bandwidth usage / security.

    What would be the recommended way of locking down these protocols (hls, rtsp, rtmp) not so much to prevent the ability of downloading the files, but for the purpose of limiting the domains that can stream the videos to very specific ones? Is there a way to tweak the crossdomain.xml (or another .xml config) so that it is only willing to serve streams not only to the domain where the swf player is located, but specific sites also?

    note: ideally I want to avoid self hosting the jwplayer .swf file, but I'll do it if i have to (its just nice that they auto update the player to the most stable version, etc if we use their cloud hosted one).

    p.s. please be as thorough / detailed with your response, as i am really quite novice to how all of this works.
    Last edited by breaktheskyinc; 04-07-2013 at 01:19 PM.

Similar Threads

  1. Limiting the Cupertino Streaming Packetizer to a selected set of streams
    By Xegagon in forum Live Streaming and Encoder Discussion
    Replies: 4
    Last Post: 05-15-2014, 08:17 PM
  2. Control live-record by limiting duration of streaming video or limiting file size
    By fjckls in forum Wowza Streaming Engine functionality
    Replies: 4
    Last Post: 10-21-2013, 11:18 AM
  3. Plug-in development to serve VoD files MPEG2TS over UDP/RTP/RTSP to IPTV STB
    By jernandez in forum Wowza Streaming Engine functionality
    Replies: 1
    Last Post: 07-05-2013, 03:00 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts