Greetings.
my stream engine server can be called to play video directly by VLC like this:
vlc rtsp://stream.my.domain:1935/vod/definst/vod/dir1/video2.mp4
this make ddos attack possible.
and my websites which have all the clip listed are
http://site1.my.domain1
http://site2.my.domain2
I would like to limit my wowza stream engine server (stream.my.domain) to serve only the above 2 frontend sites (users viewing my videos through/on these 2 sites) so that others can not do the :1935 access activities like the above vlc direct access or other possible ddos attack.
how can I set it up or what are needed to achieve this?
Thanks in advance
Cheers
Joshua
Hello @STEMI_TW, with how the internet is used now and all the unfortunate tools/ways people can hack a url, there is no 100% solution to stopping it completely. But, you can significantly reduce the chances of it happening and Wowza always recommends rather than just using one security approach, combine several.
You can restrict which domains can access your content by using our RefererValidate module.
From the article:
“Adding an image tag or JavaScript to the embedded player webpage with a specified image path that points towards your Wowza server allows Wowza to validate the requestor and then enable the stream for playback. If the player is configured to start automatically or the page may take longer to load, the image tag should be positioned on the page before the embedded player.”
https://www.wowza.com/docs/how-to-control-access-to-your-application-by-checking-referer-domain-modulereferervalidate
If that option does not solve the issue for you, we offer a variety of security options to ensure only those you wish to have access to the stream can open it.
These options include:
- Security tokens
- IP blocking
- Geoblocking
- Encryption
- SSL
- Stream Name alias
- Source Authentication
If you’d like to learn more about the security options in Streaming Engine, you can read them here:
https://www.wowza.com/docs/security-options-in-wowza-streaming-engine
Hello Rose_Power-Wowza_Com]
Thanks for your reply, I will try to learn all these solutions.
Cheers
Joshua