Reputation: 19
lighttpd url redirect and security
Cross-post http://perlmonks.org/?node_id=979815
In my server we are streaming videos using lighttpd . Right now everyone who has the link to the video is able to stream the video and see. I want to assure security of the videos so that not everyone can watch the videos. I am thinking about creating a user specific and video specific md5sum which could be send along with url so that only video stream for that particular url request.
For example
Let us assume that now everyone can see the video in the following link
http:/xyz.com/musiv-video/video.mp4
According to my logic the following url should only stream videos
http:/xyz.com/musiv-video/video.mp4?md5=202cb962ac59075b964b07152d234b70&id=62485
I need to get the requested URL so that i could verify the requested URL has the correct md5sum which makes the user watch the video. If it does not have the correct parameters then i should not allow the video to stream.
Any suggestions. Thanking you in advance.
Upvotes: 1
Views: 243
Answers (1)
Reputation: 2052
Maybe you can create user/video specific folders and create symbolic links to the video files in those folders to get http://example.com/musiv-video/[md5sum]/video.mp4. Then you can serve the whole musiv-video folder. Note that anyone who can see the http requests can still see any of the videos so this is not really security measure, just something that makes access little more complicated. And make sure those urls are not found by Google search.
If you want to really restrict access, you need to create some better authentication scheme.
Upvotes: 0
Related Questions
- Lighttpd url.rewrite
- Convert Apache rewrite rules for lighttpd
- Lighttpd redirect
- lighttpd url rewrite per vhost
- How to convert my Apache .htaccess rewrite rules to lighttpd
- lighttpd authentication and rewrite on same url not working
- URL rewrite in lighttpd
- apache rewrite to lighttpd rewrite
- Apache rewrite rule to lighttpd
- lighttpd mod_rewrite url