Amazon cloudfront how to set signed url outdated if used one time

Question

I need to protect my videos to be downlouded using "Internet Download Manager - IDM/IDMan" i used

1. rtmp stream
2. signed URL
3. expiration date of signed URL (60seconds) 
4. i set player(jwplayer)to *autostar*  

AND i need to set signed url outdated if it used one time using this solution IDM will get an url that is already used then blocked

Is there any way to configure cloudfront to use signed url just one time;

Or any solution that can protect videos to be uploaded and used in other web sites.

Please can you help? Thanks in advance

Answer 1

Cloudfront does not support the ability to only play a url once and they never will. The reason is that the only way to do this will be for all their edge servers to share the information - they currently do not share state which means scaling is much easier and performance is much better.

Unfortunately, if you're looking for fine grained control over how your videos are played, you're going to need more fine grained code, which you can't do in cloudfront - you'll need to host content directly on your server.

Idea 1: Limit by count You can implement the idea that you have - once the url has been used once, you no longer serve up that file.

Idea 2: Limit by referrer You can look at the referrer header and if it's from your website, then allow the content to be downloaded. Otherwise, reject it. Note: this can be spoofed and a user can set the referrer header manually.

Preventing a video from being downloaded and later uploaded is technically impossible. By letting them display the video, there really isn't any way to do that without them being able to record those bits and replay them later. There are probably things, like preventing right clicks or using an odd proprietary format or something else but I'm not familiar with DRM techniques.