Nginx Kodi User Agent secure_link blocking / banning

c0nw0nk nginx-forum at
Wed Nov 2 07:23:41 UTC 2016

gariac Wrote:
> Kodi is the renamed xbmc. I use it myself, but I never "aimed" it at a
> website. I just view my own videos or use the kodi plug-ins. You can
> install it yourself on a PC and see it is intended to be just a media
> player. It really isn't any different that seeing VLC as the agent. 
> Perhaps someone wrote a plugin for your website. Make that a poorly
> written plugin ;-)
> Do you offer your mp4 files to the public?

Well the idea of the secure_link module is to prevent people directly
accessing any file without their own generated link.
The generated hash matches that user's IP, the URL and contains a UNIX
timestamp what is set to expire the URL after about 5 hours.

With the secure_link module you can also include other personal information
on the user into the encrypted string of the generated secure link such as
cookies, user-agents etc.

I guess to answer your question no the files should not be publicly
accessible without first accessing the webpage that generates the
secure_link for you to access the file via.

Posted at Nginx Forum:,270705,270707#msg-270707

More information about the nginx mailing list