Reputation: 319
How to prevent direct downloading media file from source?
I’m developing video streaming service as my personal project.
Video files are stored in AWS S3 bucket (I’m using media convert), web app was built on react next.js and backend was built on express. Passport is used to authenticate user logged in and out.
And I’m using Plyr for playing video sources.
Video files which used as sources for Plyr have direct link from S3. ( i. e. https://aws_s3_bucket_name/sources/5c0a74osfjw.mp4)
The problem is, user who signed in my service can get my video file source with chrome developer tools and can even download.
I’d like to block downloading with file link(but user should be able to watch video via my service) or to hide source file location.
Any good advice for this? Thank you. :)
Upvotes: 2
Views: 4908
Answers (3)
Reputation: 934
Use AWS MediaConvert to convert your mp4 to a HLS stream - .m3u8 playlist plus .ts segments. And during the creation of the job, you can pass in a decryption key which will be burned into the playlist. And a video player like Videojs can play the encrypted HLS stream.
And that will prevent anyone from being able to download the video directly. And even if they download the segments, it won't play as they'll be encrypted.
And you will have to use some programming to make sure that the videos only play on your website.
That's what S3 Video Player does to prevent downloads.
Upvotes: 0
Reputation: 33759
One option is to return a signed url to the user instead of a direct link to the actual S3 object. This enables you to set an expiration timeout to the url, meaning that if the user copies the link, it will become unusable after the time you have specified. You can generate a signed url by using the getSignedUr() function of the AWS JavaScript SDK (or using a similar function in one of the other AWS SDKs). Moreover, you can use signed urls together with CloudFront. For more information about signed urls in general and CloudFront usage in particular can be found in the CloudFront developer guide.
Upvotes: 1
Reputation: 4052
Ideally, you'd want to use HLS streaming with Cloudfront. Here is the tutorial on how to do it at AWS. It would not make copying your content totally impossible but would make it a lot harder.
However, in your case, Plyr might be the weakest link. From what I understood reading the specs, it's more or less a wrapper around HTML5 video player, that might have a problem playing these files. If changing to another player is an option - look at the link above and consider using CloudFront streaming.
Upvotes: 0
Related Questions
- Block files download from Amazon S3 without compromising Amazon Athena
- How to stop people from downloading my Amazon S3 video files
- Amazon AWS S3 to Force Download Mp3 File instead of Stream It
- AWS S3 Prevent Files From Being Download From Browser URL
- AWS Cloudfront CDN: Prevent videos from being downloaded
- How to restrict users from download files uploaded to aws s3
- prevent people for download files (image) from s3 amazon Bucket
- Amazon S3 Bucket Policy to prevent download?
- Prevent direct download of audio files from amazon s3
- Amazon s3 prevent opening media url in browser