|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| ||||||||||||||||||||||||||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
July 2nd, 2009, 02:10 AM
|
|||
|
|||
|
mod_rewrite - File protection
Hello all, I am currently looking after a video streaming site. few days back , we moved all our video files to S3 (amazon cloud). Therefore, our site has become distributed where we host the PHP files on File Server & media at cloud. The problem is, I need to protect my videos & not want to allow user to see the URL path of the video. by not doing so, user can easily see URL & can download the videos easily. atleast, i need to make sure that every video request should go to the fake URL or PHP page some thing like that. Your help / suggestions are appreciated. Thanks.
|
|
#2
July 3rd, 2009, 12:18 AM
|
||||
|
||||
|
There is no perfect solution. Be aware of that.
The client is going to see the URL one way or another: maybe through the Flash player (which requests the video), maybe through a direct link. You can't get around that without loading the video through your own site - which defeats the purpose of using S3. You can, however, give a time limit on when the user can access the file. If you mark the videos as ACL:private you can pass information through the URL to the S3 server giving access on a case-by-case basis. The information (authentication information) has a time limit. Look at the REST developer API for how it's done. So make a page to redirect the browser to the location of the video with the authentication information included; point your video player at this location, not the S3 address. Last edited by requinix : July 3rd, 2009 at 12:21 AM. Reason: blasted smilies
|
|
#3
July 3rd, 2009, 12:36 AM
|
|||
|
|||
|
Quote:
Thanks requinix a lot. Let me have try on this. ( Just a small query ; can we have a rewrite rule to point mysite.com/x.flv to http://amzon.....s3.com/video/x.flv ?) Last edited by ryand : July 3rd, 2009 at 01:09 AM.
|
|
#4
July 3rd, 2009, 01:49 AM
|
||||
|
||||
|
Yes you could, but it would have to be a redirect rule and not an invisible rewrite, so the user would see the amazon URL in their browser anyway.
|
|
#5
July 3rd, 2009, 02:23 AM
|
|||
|
|||
Quote:
can you show me how the RULE looks like ? may be i can try myself to build advanced one ?
|
|
#6
July 3rd, 2009, 04:14 AM
|
||||
|
||||
|
Code:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/?(.*)\.flv$ http://s3.amazonaws.com/bucket/$1.flv
Just to repeat what Oreo said, the user will see the S3 address in their browser. That is unavoidable using any method that doesn't involve your server relaying the video.
|
|
#7
July 3rd, 2009, 04:50 AM
|
|||
|
|||
|
Quote:
Agreed
|
|
#8
July 7th, 2009, 04:55 AM
|
|||
|
|||
|
I tried what "requinix" suggested i.e giving access to files on time to time basis. But this seems to be problematic in my case,because its affecting speed of the site.
With Rewrite rule we tried to mask the original location of the video ,( thats good ) like http://s3.amazon.../video/x.flv to http://myhost/x.flv. Can we add a constraint to this RULE so that if HTTP REFERER is myhost then only service files otherwise not ? Last edited by ryand : July 7th, 2009 at 04:58 AM.
|
|
| Viewing: Dev Shed Forums > System Administration > Apache Development > mod_rewrite - File protection |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
rivate you can pass information through the URL to the S3 server giving access on a case-by-case basis. The information (authentication information) has a time limit.
Linear Mode
