How can I protect my video in wordpress from direct download?

2 replies
Hello everyone, I was wondering if there was a way to generate an expiration link everytime someone views a video. I KNOW I cannot stop someone from downloading the video to his/her temp folder and sharing that file, BUT I want to at least stop them from finding the direct link to my wp-upload folder or whereever else.

I know I can do this with S3 amazon and those awesome s3 video plugins, BUT I don't want to do this YET. There has to be a way, because I would find it VERY odd that it's easier to protect your files that's hosted elsewhere(s3) and not your own local website.

All these tutorials rely on having S3.

Oh if possible, I would like the cheapest option if possible...

Thank you.
#direct #download #protect #video #wordpress
  • Profile picture of the author FredBliss
    Hi Ali,

    There are a few things you'll want to do...

    1) protected the folder itself from direct browser access and the generic file listing that you see if you browse to the upload folder as it stands. How you do this is incredibly easy, simply place a basic index.html file in the folder that contains the files. Browsers will load the index file instead of the generic file list.

    2) hide the folder from search engines. In your root web folder, in robots.txt, you can add the following line, adjust to fit the relative folder path to your video file(s):

    User-agent: *
    Disallow: /path/to/my/video/files/folder/

    obviously replacing that placeholder path with your video folder.

    3) obfuscate the name of the file like "those awesome s3 video plugins" using php and javascript. I'm not going to detail this here, google "url obfuscation, video" and have at it.

    HTH!

    Fred
    {{ DiscussionBoard.errors[6531825].message }}
    • Profile picture of the author Lovelogic
      Using a server side script to randomly rename both the folder and the file-names it contains at regular intervals is one approach. This way any link is only valid for a few hours at best and you'll find a lot of movie sites that use this method because it does not use a lot of server resources. This being an important factor if handling thousands of video files.

      The other system is to send all video files from the same URL location using a server side script such as PHP and use this instead of a URL pointing to the file in your web pages HTML5 or flash player.

      get_video.php
      Code:
      <?php
      
      ###### Authenticate user request methods:
      // read a cookie, check referer, 
      // look at the IP, pass a secuity token/variable etc 
      // Basicaly looking to see if the PC requesting the file has been
      // on your website in say the last few seconds.. like a normal user
       
      if (£authenticated)
      {
      
      if (£video_request =='alpha_movie')  £output = "video_1/foo.flv"; 
      if (£video_request=='beta_movie')  £output ="video_1/bar.flv";
      if (£video_request=='gamma_movie')  £output ="video_2/bar.flv";
      
        header("Content-type: video/flv");
        echo file_get_contents( £output);
      // when the script runs WP sees a video file
      }
      ?>
      {{ DiscussionBoard.errors[6543986].message }}

Trending Topics