I am using Amazon CloudFront to stream paid video content to my users and I am having problems getting the videos secured. Wowza does that by creating a secure token, but the use of wowza would be much more costly.
Is there anyway that I can better protect my content by using Cloudfront or other CDN?
Thanks!
You can use signed URLs with Amazon CloudFront.
Below is the link to the documentation, but basically your application can generate a signed URL for the media asset just for the authenticated user so that only they can access that asset and only for a specified date/time range.
Excerpt from the docs:
You can restrict access to objects in CloudFront edge caches: You can configure CloudFront to require that end users access your objects using special signed URLs. You then create the signed URLs (either manually or programmatically) and distribute them to your users.
When you create signed URLs for your objects, you can specify:
- An ending date and time, after which the URL is no longer valid.
- (Optional) The date and time that the URL becomes valid.
- (Optional) The IP address or range of addresses of the computers that can be used to access your content.
One part of a signed URL is hashed and signed using the private key from a public/private key pair. When someone uses a signed URL to access an object, CloudFront compares the signed and unsigned portions of the URL. If they don't match, CloudFront doesn't serve the object.
Link to the docs: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
Take a look at Getting started with secure AWS CloudFront streaming with Python for a complete guide to securing cloudfront streams using signed URLs. It shows how to do it using python to generate the signed URLs that automatically expire after a set amount of time.
Enjoy!
Voxel - http://www.voxel.net/products-services/voxcast-cdn They using Wowza and you can apply authentication tokens and parameters.
Let me know if you need help and I can chat with them.
Regards, cdnXite
