I am using nginx secure_link to prevent video from hotlink. If main server key match remote server key. The video will able to access/watch. Otherwise if user access link directly without md5 link video return 403.
. .
The md5 key is match both main and remote. And the server time is the same.
. .
Main server (Apache) Generate link like this.
http://remote_example.com/videos/myvideo.mp4?st=E_Jb6MScgyMqjUo3eNQGkA&e=1485757614
. .
Remote server nginx config. "mypassword" is the same as which main server setup. Remote server using VestaCP panel.
location ^~ /videos/ {
alias /home/admin/web/example.com/public_html/videos;
secure_link $arg_st,$arg_e;
secure_link_md5 mypassword$uri$arg_e;
if ($secure_link = "") {
return 403; # invalid hash or direct link
}
if ($secure_link = "0") {
return 410; # link expired
}
mp4;
gzip off;
gzip_static off;
mp4_buffer_size 5m;
mp4_max_buffer_size 5m;
limit_rate_after 3m;
limit_rate 512k;
}
The server already compiled with "Http Secure Link Module". But when I use the config above and try the access the link. I can still access the mp4 file directly without md5 link. Anyone one can help to fix this problem? Would able to pay for any working solution.
