1

We have a plan to create a new section to our website - one that will feature HTML5 video. During the initial tests we've done, HD video encoded with Zencoder and stored on Rackspace Cloud Files and delivered by their CDN works really well, really fast and really smooth!

However, in PHP/htaccess there is an option to stop hot-linking that basically says, only allow delivery of the file if the request originated from the host server. Does anyone know of something similar that we could use / implement to prevent the various files from being delivered to alternative sites.

The situation we don't want to get into is where somebody grabs the CDN code, and hot links to the video from a web forum or other website. But, having said that, i'm not totally sure we can prevent it.

Does anyone have any thoughts?

TIW
  • 117
  • 1
  • 7

4 Answers4

1

Based on the info in the Object Storage API you can do this now using X-Container-Read: .r:hostname header on the bucket, as explained in Swift documentation.

Roman
  • 121
  • 1
0

I don't think this is a solvable problem with any of the CDNs. Akamai, and microsoft's CDNs have this issue as well.

Jim B
  • 24,081
  • 4
  • 36
  • 60
  • Hi Jim,Thanks for the comment. I'd come to that conclusion. The only way I could see around it was to 'grab' the file back to the server at the time of page load, making it available with a temporary filename, which is flagged for removal after say 60 minutes. The downside is it potentially slows the page load time as well as adds extra resource utilisation for minimal if any benefit. Plus it gets extra complicated in a multi-server load balanced environment! – TIW Jun 09 '11 at 00:28
0

Most CDNs support some form of "secure token" to allow access control. Basically, these are time-limited URL parameters. Even YouTube uses these to prevent leeching.

If Rackspace cloud files doesn't support these, they probably will soon. They've been introducing new features frequently since switching to Akamai for delivery. MaxCDN supports this, as do others.

rmalayter
  • 3,762
  • 20
  • 28
0

I just chatted with a Rackspace rep that said there are currently no access control methods to prevent hotlinking by non-approved hosts. Once you put a file on Cloud Files, it's available to the world for their embedding pleasure.

He said they are looking into a solution but there is no timeline on implementation.

edit: I should also note that from what I've read, Akamai does allow this, so it's just a matter of Rackspace getting that functionality to trickle down.

k00k
  • 101
  • 1
  • Hi k00k, thanks for updating the question! Interesting reply from Rackspace, and as you say, if Akamai do it, it should be trickle down to Rackspace! – TIW Jul 19 '11 at 13:50