Forum

Tokens ip locked?

Douggle 2016-10-15 21:45:46 UTC in Paywall: WMSAuth and beyond

What do I need to do to make the token that gets generated to a certain stream be locked to just that ip address?

Yury Udovichenko 2016-10-16 12:06:54 UTC 

Hello,

Please take a look at hotlink protection feature: http://blog.wmspanel.com/2013/11/nimble-streamer-protect-hotlinking-domain-lock.html
And also check full paywall feature set: https://wmspanel.com/paywall

Douggle 2016-10-16 18:45:01 UTC 

I have done that in depth and neither one of them describe what I asked bout, right now tokens are generated the problem is that anyoen can take a valid token and use it,I d like to lock that to a single ip address is there away to do so?

Yury Udovichenko 2016-10-17 00:55:50 UTC 

If you know the exact IP address, you can change this line
$ip = $_SERVER['REMOTE_ADDR'];
to
$ip = 'known IP adress'

I'd rather recommend using pay-per-view framework to control all your current connections: https://wmspanel.com/nimble/pay_per_view

Carleton 2016-10-17 20:07:53 UTC 

What if I don't know the IP address and I just want the token to play only off the end users IP. This way, he can't grab the token on his personal computer, then just paste his Computers Token on a Server. While I can just make the token last 1 minute, there is always ways around things. I think if this isn't an option it would be a great addition to Nimble/WMS.

Yury Udovichenko 2016-10-18 02:27:59 UTC 

Hotlink protection allows covering this use case. Once you get signed stream URL, this URL can be played only from the IP which was used for generating the signature. Please read this article carefully: http://blog.wmspanel.com/2013/11/nimble-streamer-protect-hotlinking-domain-lock.html

Douggle 2016-10-18 03:27:14 UTC 

I read this article and nothing in the article says that the token is locked to the users ip,

Yury Udovichenko 2016-10-18 04:39:42 UTC 

If you look at the code sample you can see it has IP encoded into the signature.

Douggle 2016-10-18 05:13:36 UTC 

<?php
$today = gmdate("n/j/Y g:i:s A");
$ip = $_SERVER['REMOTE_ADDR'];
$key = "pass";
$validminutes = 1;
$str2hash = $ip . $key . $today . $validminutes;
$md5raw = md5($str2hash, true);
$base64hash = base64_encode($md5raw);
$urlsignature = "server_time=" . $today ."&hash_value=" . $base64hash. "&validminutes=$validminutes";
$base64urlsignature = base64_encode($urlsignature);
?> this is the code we use
<?php
$today = gmdate("n/j/Y g:i:s A");
$initial_url = "http://stream.company.com:8081/vod/sample.mp4/playlist.m3u8";
$ip = $_SERVER['REMOTE_ADDR'];
$key = "defaultpassword"; //this is also set up in WMSPanel rule
$validminutes = 20;

$str2hash = $ip . $key . $today . $validminutes;
$md5raw = md5($str2hash, true);
$base64hash = base64_encode($md5raw);
$urlsignature = "server_time=" . $today ."&hash_value=" . $base64hash. "&validminutes=$validminutes";
$base64urlsignature = base64_encode($urlsignature);

$signedurlwithvalidinterval = "$initial_url?wmsAuthSign=$base64urlsignature";
?> this is your code not seeing a whole lot of difference

Yury Udovichenko 2016-10-18 05:29:35 UTC 

$ip = $_SERVER['REMOTE_ADDR'];
this line takes current user IP address. If you pass the signed URI to other user with other IP, it will not work.

Charlie 2017-10-19 19:00:21 UTC 

Is there a way to exclude IP from the signature? Some ISP is sending weird IPs, like they are sending 2 IPs, 1 to web server and 1 to nimble so it creates a mismatch and nimble returns 403 error

Alex Pokotilo 2017-10-20 02:19:03 UTC 
Post a reply


Post a new question

Categories:

Tags:

nimbleNimble StreamerFAQHLSDVRRTMPhlsnimble streamerABRcachewmsauthNimbleAPItranscoderSRTdvrapirtmpffmpegVODsrtfailoverDASHsldpstreamingrtspwmspanellivevodudppaywallsubtitlesDispersaRTSPvideoSLDPyoutubeabrlivestreamingmp4WMSAuthMPEG-DASHpay-per-viewgeodashstreamerWMSPaneledgebandwidthWindowsencryptionUDPhttpswhite labelconfigsmilmulticastFFMPEGsslMPEG-TSaudioCORSchunksraspberry pire-streamingmpeg-dashperformancecorsadvertizervlcrepublishingS3cloudfrontDRMuser agentandroidNDILarixrules.confplaylistadvertisingipv6MPEGTSFastSpringRAMthumbnailFMLEVATcrossdomainmpegtsSMILRecordingaespushakamaiwowzaserversPullmobilecodecerrorSSLbalanceTranscodem3u8chromecastplaylist_dvrWowzaIDreportingconfigurationbugdownloadpublish controlRepublishingnimblestreamerdomainLarix Broadcastermpeg-tsraspianloopVidillionHttpschunkAWSawsoriginCDNwms panelroutesamazonIPipupdatenimble webcam html5UIbitrateRegistration Issuedirect link32-bit Windowstwitchcache_controlitworkmelive abr support mpeg-dashwmspanelapiresumertmp abrbeirutWWDCdubaideep statsCentOS v6.4hls to multicast udpnooblogWowza AgentRemote StorageIIS Smooth StreamingcloudmediaAbrHTTPSHot-linking protectionHDSvaddioalertsjwplayer websitewhmcsbaselineAuthentication in HLSPi4nginx rtmp nimbleAV BridgepricelimitOld logsVaddioscte-35screencastPI3 Ubuntuview timeattaching domainscontainerinterfacesDVRRecordingloadbalancingmod_rewritemetadatadatmessageWMSCONFIG_HOMEprofileID3 tagsgbpsAxisrestreamcostwmsauthsignhighhds streamlocalciscohls restreaming.net hotlinkVLCniblergentoo install server nimblePublic Iptranscoding using NvidiaPaywall Authdecodertransocding republishingVideo PlayerofflinedocumentationNimble streamer upgradeTrancoderconcurrent-connectionsAliasfilelost trafficServer-sideicecast urlstoppedNimble Streamer versionrulemainhot linkingchangelebanonlocationmanifestMP4 not playedspaceLarix Groveamfpay per viewseekingdvr_archivesmpeg dashonSteam stopped workingobsTCORaspian BusternginxPlayReadyamazon web servicelimuxopensslHLS voddvr stream twicesdpshoutcasthot-linkAXVVGanalyticspaywalapplicationblocknvencExpression Encoder7brandingtrialHLS PlayerDASH Playerdebianmicrosoft streamMP4errorsrocksoftlog traffic statslive video on demandbandwithservernimblesessionidFFmpegmultiple originsscreen freezecan't registerprogressive downloadABR DASHprivate networkLarge DVR filessourceheaderno WMSPanelSnapshotslive videolog nimble analysertmp playbackinterleavingvideojsmac osx installvideo stopwotermarkadaptiveAV1 codecvimeohelp errorstreamsNGINX-RTMPJWPLAYERload balanceattachmentcache expiryvod no soundconcurrent connectioncdnvsomdvr streamconnectivityUbuntu 20 ARM - AWSunique visitor4Kcrossdomain more then 1 domainlive streamViewer StatscpuWidevineDelaympeg2tsFairplayServer-Side-Task-Controldisk migrationAWS 3buttnot foundCPU Loadscreen capturestereo to monopullAS3drmresourceaes encryptionTranscoderLive streamingsubscriptionsecurityinstall players setup ready to goDVRSettingstwitch larix broadcaster androidAppleDelete recordsABR HLS Bitrateslive pull settingsWMSPanel settingsrtmp for YouTubevideo loopicecastudp streamingoutratestarttime duration seekpointrebootmonitornimble streamer vod hls transmuxinglogginglearnerapi accessDeep statsloadbalancernimble.confrtmp republishing transcodeIIS Media Servicsweb playerinsert logodvr streamsautomationnimble streamer web server php script pageNimble Streamer APIlivestreamcontent-dispositionAVCaptureMovieFileOutputblock downloadNimble CapacityABR DVR problemLive SwitcherPost processingadd_chunk failedfake extensionMPEG DASHUbuntu artful 17.10Transcoder MPEG DASHNimble Servernot to stealLive Broadcaststatus:errorFFMPEG;RTMP;I/O errortranscodingRTMP republishHotlinking ProtectionStreaming routefacebookPIDMPEG-Dashlarix broadcasterbroadcasterOSXpaymentstatsreloadpremium featureserver incorrect timeThumbnailsLiveLIVEadvp9contentRTMP RepublishssaiDVR Setting limitdemandHow to do live stream with multiple audio trackrmtpno internetIOSProgressivenimble aliasesHLS Streamingthumbnail dvr-thumbnailLoad-Balancingnimble streamer mpeg-ts multiple inputswmsAuthSignreportsavoid refreshraspberrysoundHLS Meta Tag editing.transcoder nimbleSecureJetson Nanotranscodevbv-maxratedvr on wmspanelVideo cant be playedS3 AWSuser_agentautomateAndroidVR-360Failoverdockerlivestream bitrateABR bitratesPacketizingbuildpublish streamStream Delaytraffichd25AArch64delaympeg4.movalias routestoragedomain lockVOD HLS streaming on public IPoutputUsers limitcloudflareanalisysscteno soundInvalid frame headerincoming streamHTML5 playerGopwirecasta recordhttp serverNimbleStreamerav1 codecabr fallbackNimble connectionsdistributionfastspringNimble streamermp2 audiodata slicesaliasplayer sldpqataritworkscdnvideo.jsspeedup my videoiOSissuepricinggoogle cloud storagedissapointmentpay-per-minuteRAM LoadlivestreamintransocderPaywallvideo and audio not matchdiskstorage space available3.6.1-1SO_RCVBUFbuffering videocompatibility protocolsMax connectionUDP MulticastgpurestarthelpFallbackError when installinghow-tomanage_dvrrulesDVRStreamsaws amazonserver ip21SSL requestMPEG2 Videologo in streamVP9sha265nimble on cloudprerollDVR SettingPORTanalyseStreamIDcredentialsincomingmulti-viewervideo audioCross DomainSRT protocolmd5nimble dvrrtpdurationBandwidthbufferRIST BondingplayoutControl APIfallbackQuickTimevideo streamingartifactsrtsp push androidtuningactionscript 3server ssl errorCSSRistwebhookdvr to liveprogressivebroadcast videoRTMP to SRTscte35ubuntu 18Teradek DecoderlatencyNimble_Crushdynamic linksTLSV 1.2 Certificatefairplayre-publishingSRT RTMPsoftware versionadjustBroadcasthotlink protectionultra low latencyRaspberryPi4Raspberrytasks-control

This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the Privacy Policy. If you want to know more or withdraw your consent to all or some of the cookies, please refer to the Privacy Policy.
By closing this banner, scrolling this page, clicking a link or continuing to browse otherwise, you agree to the use of cookies.