esther h

Reputation: 1468

How to use php and s3 to share private video that can't be downloaded?

I have a (php) website where teachers upload recordings of their class, and the students can log in and then play back the recording.

I want to make these videos more secure. Currently, the videos are stored on my server, and anyone with the url can download them. So, (1) I want to store them somewhere that can't be downloaded just using a url. And second, I need to stop them from right-clicking and saving the video as it is being played. I'm trying to work this out with s3 but not getting it...

Is this possible? Does it need to use a special player? Does streaming the video help (can any video be streamed)?

I appreciate the help, I've spent many hours researching this and just getting more confused as I go along!

Upvotes: 2

Views: 1887

Answers (1)

John Rotenstein

Reputation: 270324

There are a couple of options you may wish to use.

1. Amazon CloudFront RTMP Distribution

Amazon CloudFront is a Content Distribution Network that caches content closer to users worldwide, in over 60 locations. It also has the ability to service Real-Time Media Playback (RTMP) protocols. This means that your web page could present a media player (e.g. JW Player, Flowplayer, or Adobe Flash) and CloudFront can serve the content.

See: Working with RTMP Distributions

CloudFront Distributions can also service private content. Your application can generate a URL that provides content for a limited period of time. The content is served via a media protocol, so the entire file cannot be easily downloaded.

See: Serving Private Content through CloudFront

2. Amazon S3 Pre-Signed URLs

By default, all objects in Amazon S3 are private. You can then add permissions so that people can access your objects. This can be done via:

  • Access Control List permissions on individual objects
  • A Bucket Policy (as per yours above)
  • IAM Users and Groups
  • A Pre-Signed URL

A Pre-Signed URL can be used to grant access to S3 objects as a way of "overriding" access controls. A normally private object can be accessed via a URL by appending an expiry time and signature. This is a great way to serve private content without requiring a web server.

Similar to the above example with CloudFront, your application can generate a URL that provides access to S3 content for a limited time period. Once the period expires, the Pre-Signed URL will no longer function. However, during the active period, people would be able to download the entire file, so this might not be advisable for video content you wish to protect.

Upvotes: 2
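
What "appending an expiry time and signature" means concretely, as an added example that is not part of the original answer: AWS Signature Version 4 query-string signing for an S3 GET, written with PHP's standard library only. The bucket, object key and credentials are constructed placeholders and `presign_s3_get` is a hypothetical helper name; production code would normally use the AWS SDK for PHP instead.

```php
<?php
// Added example: SigV4 query-string pre-signing for an S3 GET (no SDK required).

function presign_s3_get(string $bucket, string $key, string $region,
                        string $accessKey, string $secretKey,
                        int $expires, int $now): string
{
    $host    = "$bucket.s3.$region.amazonaws.com";
    $amzDate = gmdate('Ymd\THis\Z', $now);
    $day     = gmdate('Ymd', $now);
    $scope   = "$day/$region/s3/aws4_request";

    // Encode each path segment but keep the "/" separators.
    $path = '/' . implode('/', array_map('rawurlencode', explode('/', $key)));

    // The expiry is one of the signed parameters, so editing it in the
    // URL afterwards invalidates the signature.
    $query = [
        'X-Amz-Algorithm'     => 'AWS4-HMAC-SHA256',
        'X-Amz-Credential'    => "$accessKey/$scope",
        'X-Amz-Date'          => $amzDate,
        'X-Amz-Expires'       => (string) $expires,
        'X-Amz-SignedHeaders' => 'host',
    ];
    ksort($query);
    $canonicalQuery = http_build_query($query, '', '&', PHP_QUERY_RFC3986);

    $canonicalRequest = implode("\n", [
        'GET', $path, $canonicalQuery, "host:$host", '', 'host', 'UNSIGNED-PAYLOAD',
    ]);
    $stringToSign = implode("\n", [
        'AWS4-HMAC-SHA256', $amzDate, $scope, hash('sha256', $canonicalRequest),
    ]);

    // Derive the signing key: each HMAC output keys the next step.
    $k = "AWS4$secretKey";
    foreach ([$day, $region, 's3', 'aws4_request'] as $part) {
        $k = hash_hmac('sha256', $part, $k, true);
    }
    $signature = hash_hmac('sha256', $stringToSign, $k);

    return "https://$host$path?$canonicalQuery&X-Amz-Signature=$signature";
}

// Constructed placeholder values; a 300-second lifetime for one playback page.
echo presign_s3_get('example-class-recordings', 'lessons/week1.mp4', 'us-east-1',
    'AKIAEXAMPLEPLACEHOLDER', 'constructed-secret-not-a-real-key', 300, time()), "\n";
```

Generate the URL only after the site's own login and enrollment checks pass, and keep the lifetime short: anyone holding the URL can fetch the whole file until it expires.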
