FV Player Pro lets you play encrypted HLS streams which is the most poweful video download protection technique.
One of the few security measures FV player doesn’t support, is the cookie based signing of URLs.
Why we don’t support Cookie signed requests:
- A single signed Cookie gives you access to all the files in a folder
- Not many CDNs support it
- Using signed cookies would require your CloudFront domain to be a subdomain of your own website. Alternatively, you would have to upload a special script to CloudFront and call its URL in the plugin settings.
While AWS CloudFront and some other CDNs support cookie signing, FV Player uses a more reliable alternative – signed URLs.
As opposed to cookie signing, signed URLs with our Stream Loader feature do not require you to do much, and are supported by most CDNs out there. Furthermore, each individual URL is signed to ensure that the attributes of the token will not be tampered with. The tokens are valid only for a certain time and they are tied to the user ID.
Even though it’s a much weaker protection than encrypting the video, it’s still a worth while security measure.
Instead of all the drawbacks and requirements of cookie signing, all you have to do to get signed URLs, is enable the Stream Loader feature and check your CDN settings.
Some CDNs work with Stream Loader automatically, such as BunnyCDN. If you’re using CloudFront and you’ve followed our CloudFront setup guide, then you’re probably all set to use Signed URLs too.
