Results 1 to 7 of 7

Thread: limiting the ability to serve our vod streams to exclusively *our* domains

  1. #1

    Red face limiting the ability to serve our vod streams to exclusively *our* domains

    I apologize in advance if this is the wrong section, but as we serve exclusively vod streams, i figure this is a good starting place.

    We're using the latest version of wowza (3.5.2 i believe), along with jwplayer 6.2 in our setup.

    We're serving HLS (for iOS), RTSP (for android, via a link outside of jwplayer), and RTMP streams (for flash user, the odd android user that has flash) in our setup.

    Our website environment will be wordpress based, using a members management system that doesn't involve any .htaccess authenticated "members area", but rather limits access to pages / posts on the website based on member levels assigned to them within wordpress' user management (i.e. "Magic Members").

    We're not concerned with actually protecting the content we stream, in fact underneath the media player we're providing download links to the files we stream.

    What we are concerned with is the ability for people to just copy / paste our player code, and stream our content on their website / any external site outside of our network (i guess you would call it hotlinking).

    Here is where our main issue lays: atm (we're still in dev stages for our site), we are linking to the "cloud hosted" version of jwplayer, and we were not able to get our streams working (cross domain issues) until we allowed the server domain that the cloud hosted player resides on in the crossdomain.xml file residing on our wowza setup.

    This config though means that anybody can basically copy / paste our jwplayer code and serve it on their pages and the streams will work (i tried it on another domain), and so it obviously poses a really huge risk in terms of bandwidth usage / security.

    What would be the recommended way of locking down these protocols (hls, rtsp, rtmp) not so much to prevent the ability of downloading the files, but for the purpose of limiting the domains that can stream the videos to very specific ones? Is there a way to tweak the crossdomain.xml (or another .xml config) so that it is only willing to serve streams not only to the domain where the swf player is located, but specific sites also?

    note: ideally I want to avoid self hosting the jwplayer .swf file, but I'll do it if i have to (its just nice that they auto update the player to the most stable version, etc if we use their cloud hosted one).

    p.s. please be as thorough / detailed with your response, as i am really quite novice to how all of this works.
    Last edited by breaktheskyinc; 04-07-2013 at 01:19 PM.

  2. #2

    Default

    Any assistance at all with this issue would be greatly appreciated...

    I'll also be happy to provide clarifications on anything regarding the setup if it's needed.

  3. #3
    Join Date
    Dec 2007
    Posts
    21,962

    Default

    This is answered in support ticket.

    Richard

  4. #4

    Default

    I can highly recommend the services of wmspanel.com , firstly it's a great way to see what your Wowza servers are up to, but they also have the WMSAuth system which helps greatly in locking down your streams. In a nutshell, your web page generates a specific auth key on the fly, and only if it is valid will the request go to Wowza.

    So even if people copy HTML right out of your site and use your jwplayer installation, it will be useless as they won't have the updated key.

  5. #5
    Join Date
    Aug 2013
    Posts
    2

    Default

    I have the same issue. but i'm not with wordpress, only php page!
    have you found a solution ?

  6. #6

    Default

    Hi,

    This could be starting points to protect your player code/content:
    For flash there is a module that could be used here: How to combat hotlinking your Adobe Flash SWF file
    http://www.wowza.com/forums/content.php?114
    If you want further protection you could read:
    How to add SecureToken protection to LongTail JW Player 5 and 6
    http://www.wowza.com/forums/content....Player-5-and-6

    This could work with infos in:
    http://www.longtailvideo.com/support...nk-protection/

    You may also want to consider regular hotlink protection on your website. This can be achieved with a .htaccess file to allow only listed referrers to access the player/content.
    Here is a basic explanation for pictures: http://www.htaccesstools.com/hotlink-protection/

    I hope this helps.
    Thanks
    Arnaud

  7. #7

    Default

    Hi there,

    Have a look at this article:
    How to limit playback by IP address

    Salvadore

Similar Threads

  1. Limiting the Cupertino Streaming Packetizer to a selected set of streams
    By Xegagon in forum Live Streaming and Encoder Discussion
    Replies: 4
    Last Post: 05-15-2014, 08:17 PM
  2. Control live-record by limiting duration of streaming video or limiting file size
    By fjckls in forum Wowza Streaming Engine functionality
    Replies: 4
    Last Post: 10-21-2013, 11:18 AM
  3. Plug-in development to serve VoD files MPEG2TS over UDP/RTP/RTSP to IPTV STB
    By jernandez in forum Wowza Streaming Engine functionality
    Replies: 1
    Last Post: 07-05-2013, 03:00 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •