Results 1 to 4 of 4

Thread: Secure HLS streaming

  1. #1

    Default Secure HLS streaming

    Hello, I'm using Wowza edge server (4.0.2) for HLS streaming. I secured url to streams with URL sign from WMSPanel. I have big problem with this. Access to main manifest (m3u8) is secured and can't be access without key send in URL query (http://x.x.x.x:1935/live/xxxxxxxxxxx?playlist.m3u8). Unfortunatelly, you can access stream with urls to next segments of stream (http://x.x.x.x:1935/live/xxxxxxxxxxx...852822719.m3u8). Those urls include Wowza session ID as I mean and only user who started session should have access to them. Is it kind of error in your HLS implementation. Is any way to avoid for this?

  2. #2


    If you implement any security Module that handles onHttpSessionCreate event result will be the same. Module intercepts only create session event and server responsible for the rest session logic. Wowza cannot strict session id to tcp session and to particular ip address as this will not always works especially for mobiles.
    We cannot fix it from Wmspanel side too.

  3. #3


    Ok. As I understand, I can't secure HLS streams with wowza server. Is it really true?

  4. #4


    You can, just write a simple serverSide Module.

Similar Threads

  1. Replies: 2
    Last Post: 10-08-2012, 05:46 AM
  2. Replies: 0
    Last Post: 10-05-2012, 08:15 AM
  3. Secure Token for playback Secure URL params for publishing.
    By Pandepoulus in forum AddOn: Other AddOns
    Replies: 6
    Last Post: 06-18-2012, 04:56 PM
  4. Secure RTSP and HLS/HTTP streaming
    By in forum Live Streaming and Encoder Discussion
    Replies: 10
    Last Post: 04-06-2012, 02:21 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts