Nginx secure links
1. Make sure nginx is installed with the module.
nginx -V
If the module is missing, reconfigure nginx with the secure link module enabled. See more here.
nginx version: nginx/1.6.2 built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) TLS SNI support enabled configure arguments: --prefix=/etc/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-log-path=/var/log/nginx/access.log --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --with-debug --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_realip_module --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-http_xslt_module --with-ipv6 --with-sha1=/usr/include/openssl --with-md5=/usr/include/openssl --with-mail --with-mail_ssl_module --with-http_secure_link_module
2. In the administrative panel, specify nginx for the Temporary URL option.
3. The
events { worker_connections 1024; } http { server { listen 80; server_name localhost; location / { proxy_pass http://localhost:88/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } location ~* \.(htm|html|jpeg|jpg|gif|png|css|js)$ { root /var/www; expires 30d; } location ~ ^/test/ { root /var/www; # This must match the URI part related to the MD5 hash and expiration time. secure_link $arg_st,$arg_e; # this must match the URI part related # This is how the MD5 hash is built from a secret token, a URI and an expiration time. secure_link_md5 supersecret$uri$arg_e; # 'secret' is the secret token # # If the hash is incorrect then $secure_link is a null string. if ($secure_link = "") { return 403; } ## The current local time is greater than the specified expiration time. if ($secure_link = "0") { return 403; } ## If everything is ok $secure_link is 1. This needs to be here otherwise you'll get a 404. rewrite ^/test/(.*)$ /test/$1 break; } } }
4. From the STB the following information is obtained:
Opening: sol ffmpeg URL http://192.168.1.72:80/test/Ducks.mkv?st=92OMUK4UxngBROaOH2matA&e=1411132052 Found solution "ffmpeg" num 16 Mediatype detected len 16683, start 0 end 16683 atype 0 vtype 0 CODEC_ID_H264 Event 2 STVID_SEQUENCE_INFO_EVT w 1280 h 720 STVID Change AR 2 FrameRate 29970 dem 29970 STVID_SEQUENCE_INFO_EVT w 1280 h 720 Event 7 Changed FrameRate 29970 dem 29970 Event 4 Event 1 Opening: sol ffmpeg URL http://192.168.1.72:80/test/Ducks.mkv?st=W1bQJd-yvZrQzPFdNaqctw&e=1411132071 Found solution "ffmpeg" num 16 Mediatype detected
See nginx official documentation for details.