nginx hotlinking protection issue with wildcards !!

shahzaib shahzaib shahzaib.cb at gmail.com
Fri May 9 05:45:08 UTC 2014 

Please guide me if hot-linking protection should prevent that stream to be
playable which is embedded ?


On Fri, May 9, 2014 at 10:36 AM, shahzaib shahzaib <shahzaib.cb at gmail.com>wrote:

> Hello Maxim,
>
>                I am not using server_names, it was just a google stuff i
> put in order to test if hotlinking works or not. One of my teammates
> informed me that the link is embedded on the website and there's no
> hot-linking protection issue regarding it.
>
> @Maxim, i think embedded videos are different than remotely playable
> videos. Offcourse, you'd have the better knowledge :)
>
>
>
>
>
>
> On Fri, May 9, 2014 at 7:25 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
>
>> Hello!
>>
>> On Fri, May 09, 2014 at 03:14:35AM +0500, shahzaib shahzaib wrote:
>>
>> > hello,
>> >
>> >      I am using hotlinking protection for mp4 files but found that
>> whenever
>> > i use wildcard in hot-linking, it doesn't work properly and videos even
>> > play on the domain where it doesn't suppose to be buffer.
>> >
>> > My mp4 config :
>> >
>> > location ~ \.(mp4)$ {
>> >                 mp4;
>> >                 root /var/www/html/tunefiles;
>> >                 expires 7d;
>> >        valid_referers none blocked server_names mydomain *.mydomain *.
>> > facebook.com *.twitter.com *.seconddomain.com *.thirddomain.com
>> > fourthdomain.com *.fourthdomain.com fifthdomain.com www.fifthdomain.com
>> > embed.fifthdomain.com;
>> >               if ($invalid_referer) {
>> >                     return   403;
>> > }
>> > }
>> >
>> > The mp4 file is buffering on the following domain which doesn't suppose
>> to
>> > be in valid_referers variable.
>> >
>> >
>> http://www.tusnovelas.net/telenovela/lo-que-la-vida-me-robo-capitulo-138
>> >
>> > Nginx-1.4.7
>> >
>> > Help will be highly appreciated.
>>
>> Try looking into Referer header of a request, as well as at server
>> names of a particular server{} block (as you use "valid_referers
>> server_names").
>>
>> --
>> Maxim Dounin
>> http://nginx.org/
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20140509/eef1c283/attachment.html>

More information about the nginx mailing list