Category Archives: Technology

RTMPe Streaming: How does Secure RTMP Streaming work?

rtmp Stream, rtmpe streaming

RTMP Stream: The Technology

Real Time Messaging Protocol is used to stream multimedia data – audio and video  – between Flash Media Server and Flash Player. The chief utility of RTMP stream is in the optimization of the audio and video data transfer between the server and player. Its major use comes in Dynamic live streaming, and because of the encryption service RTMPE (which, despite of its security flaws, has a wide use) . In this blog post I expand upon – 

  • Use as Streaming protocol – How RTMP evolved as a widely used real time streaming protocol
  • Differences from other streaming protocols, strengths – In what aspects it differs from newer streaming protocols such as  HLS & HDS.
  • Use Cases – We also discuss certain RTMP use cases.
  • RTMPE – Utility of Encrypted RTMP and the flaws in its security services.
  • Flaws in Security & Streaming reliability

RTMP transfer across media server, CDN and flash player

Is RTMP Stream Optimal for Low Latency Transmission ?

RTMP stream does not use either of the 80/443 ports(HTTP/HTTPS) ports, but instead uses the 1935 port. An exclusive port for video packet transmission signifies that the RTMP stream protocol is suitable for transmission of low latency content – essentially live streaming of video content, and streaming of media without buffering. However, by using this port RTMP stream becomes vulnerable to being blocked by certain corporate firewalls.

RTMP stream is theoretically optimal for low latency streaming as the RTMP pointer is always in sync with the media server at the exact point of stream. This means that if their is signal interruption for say 5 seconds, the flash player will not display the signal for 5 seconds, but would resume at the real time when the signal over the network resumes. The stream should therefore never lag inspite of poor network, although the quality of video may suffer.

RTMP Stream: VOD across media server, CDN, Flash Player

Adaptive Streaming through RTMP

RTMPE is suitable for live streaming as it does not download any video packets except at the time of streaming – there is no buffering of content as would occur with a progressive media player. The bitrate can be dynamically decided to optimize user experience over the available network. Dynamic streams consist of multiple single streams of the same content, all of different quality. RTMP stream relies on dynamically adaptive content transfer to maintain video playback at periods of uneven network quality

RTMP stream is distinct from Progressive Streaming Players

Progressive media players, a category that includes popular video players Youtube, Vimeo & VdoCipher, allow video portion of the future video part to be downloaded as well. Essentially it allows for a future buffer in player. Progressive Streaming is now a common feature across all popular video hosting services across the internet. The shifting of video metadata from the end of media file to the front allows this possibility. Thus, before the download of complete media file, the media player has all the information that it requires to start playback.

In progressive streaming, the media is stored in the temporary directory of the associated web browser. This is the concept on which most downloaders or download software/plugins work. They are able to fetch this data which is coming into the browser.

With RTMP there is no storage in a temporary directory, and instead a continued direct streaming between the two servers. It is conceptually live and does not have any future buffer even for recorded videos.

Encrypted RTMPE & Security

Encrypted RTMP (RTMPE) wraps the RTMP stream session in a lightweight encryption layer. Through Encrypted RTMPE, the streaming protocol provides low-level stream encryptions for high-traffic sites. RTMPE uses Anonymous Diffie-Hellman key exchange method. In this algorithm two parties – the media server and the flash player – establish a shared secret key over an insecure channel. However, the initial point of secret key sharing is unsecure. The media server cannot verify the identity of the media player. This leaves the player vulnerable to man-in-the-middle attacks at session initializations.

RTMPS is an RTMPE over a secure TLS/SSL connection. The underlying algorithm of RTMPE remains the same, but a secure SSL connection precludes a man-in-the-middle attack from unknown third parties. However there is still the case in which the client can grants access to a third party.  Through  this user can download the stream content.  In that case the video download is easy, leaving the content provider vulnerable to the potential piracy from end users for illegal distribution.

Security

RTMP Stream Encryption

As explained, RTMP stream never has a block of data, only a pointer to the current live data. Owing to this no local storage of data RTMPE occurs. RTMPE can therefore, with an additional layer of security, be a means for video transmission locally. As discussed, RTMPE was quite different from other streaming players in concept of its streaming protocol. Thus, not many downloaders or plugins are built to grab it. Thus, it has a certain level of protection sometimes pitched with it.

RTMPDump to Download RTMP Videos

RTMP dump is an RTMP toolkit to connect to Flash Media servers just like normal flash players. It stores the data from the RTMP connection, sometimes used to capture the stream from the server. This allows local saving of the video file. This opens a means by which TV shows and videos on demand being streamed via this can be downloaded to cause piracy.

RTMP Stream and Content Delivery Networks(CDN)

RTMP also requires direct constant connection with a Flash Media Server throughout the period of playback, as there is no local storage. Every flash client has to maintain state with the media server all the time.  This results in higher CDN cost. 

Currently, CDNs have started to phase out RTMP. Although CDNs Akamai and Amazon Cloudfront have committed to supporting its streaming, they accept that usage traffic has declined considerably over the previous years. Limelight supports RTMP for video ingestion from content provider to CDN server, which routs to the video user through HTTP. 

Alternative to RTMP – High Secure & Smoother Streaming

As seen above, it has primary two problems –
1. Poor streaming due to no future buffer and constant server to player connections.
2. Downloadable through RTMPdump compromises security from piracy.

VdoCipher encryption through backend OTP

VdoCipher offers completely encrypted data transfer, viewer specific watermarking and backend authentication. This ensures highest security from any downloader or plugin looking to hack content. The OTP given to the specific viewer is authenticated at backend, precluding access from anyone except the intended video user.
VdoCipher has a progressive buffer-conserving player. On seeking the video to past or future timeline, the buffer remains conserved, thereby demanding lower bandwidth. Our video player is optimised for serving at both low and high bandwidth – VdoCipher serves viewers in tier II and tier III cities in India, we also have major clients across Africa. Our streaming has been highly effective even at lower connection speeds.

For a full version 5 GB free trial , please visit VdoCipher.

Ref – 1

Video Streaming Hosting VdoCipher

All these things, VdoCipher handles for you. Launch Today.

 

Encrypted Video Streaming: VdoCipher & Others

The main encrypted video streaming protocols in use by most streaming providers are Apple’s HLS Encryption (HTTP Live Streaming) , HTTPS (HTTP Secure), Real Time Messaging Protocol (RTMP) and RTMP Encrypted (RTMPE). HLS encryption, with AES 128 bit encrypted streaming, in particular is widely used and marketed by companies as a completely secure streaming protocol. However, inspite of the existing security features, these streaming protocols are insufficient as complete encrypted streaming protocols themselves. This is because, from the perspective of protecting content from piracy, their security flaws lie in:

  • Partial encryption of streaming content
  • Open key exchange mechanism for decryption

The security vulnerabilities in these encrypted streaming protocols have led to design of tools that may be used to decrypt the encrypted video content, thereby allowing illegal and un-authorized downloads. These tools include IDM, Video Download Helpers, RTMPDump and many similar other tools used for pirating proprietary content.

Although widely used, these streaming protocols are not the only streaming protocols that can be used. VdoCipher uses a modified version of the existing streaming protocols to increase video security, and minimize bandwidth usage.

Here we explain how VdoCipher Encrypted Video Streaming works, and how our proprietary encrypted video streaming technology is hackproof. Complete workflow is mentioned below. Steps 5 and 6 of the video streaming workflow are the key differentiators.

Video Streaming Hosting VdoCipher

All these things, VdoCipher handles for you. Launch Today.

  1. Upload

    The video content is uploaded by the registered customer through Desktop, FTP, Drop Box, directly from server and direct from URL. VdoCipher supports all typical video formats.

  2. Transcoding for Protected Streaming

    At VdoCipher we have designed our own proprietary format that we convert videos in. It is in this format that the encrypted streaming takes place in. After user uploads the video the VdoCipher player converts content into encrypted format. The video is transcoded for optimization at multiple bitrates, so that viewers on networks of any quality can conveniently view videos.

  3. Storage of Encrypted Content

    The videos are stored securely on Amazon’s AWS S3 servers using our own server-side encryption technology, creating a double layer of protection.

  4. Encrypted Video Transfer – Differentiator

    Now the encrypted content has to be streamed to the final viewer interface , be it app or browser. Unlike many other streaming protocols, there are two key differences:

    Firstly, the entire stream (not partial) is encrypted using a non-public key whose exchange mechanism is hidden and is proprietary. Others like RTMP does it partially and not fully secure.

    Secondly, the transfer of this encrypted content is not through direct access to the video file. There is a one time URL that is generated and the content is transferred in different chunks to optimize streaming.

  5. Licensing & Authentication – Differentiator

    If the video has a direct video URL that can be shared, then the encrypted video streaming has completely ineffective security. This is because there can be multiple browser playback of the same video, and therefore the video can be easily downloaded. Our key service differentiator is that we have One Time generated video URLS. These URLs are accessed only through custom video embed codes, allowing licensing duration for each single video stream. This prevents any URL based sharing.

  6. Decryption & Playback – Differentiator

    Finally, the encrypted stream content is decrypted inside the player with a dynamic key. Our proprietary key transfer protocol is fundamentally different from the public key transfer protocol in cases of HLS, HTTPS and RTMPE Encrypted Streaming Protocols.

    A private key transfer between the website and our API signifies that it is not possible for hackers to decrypt our streams. The One Time encryption that we use is theoretically and practically hack-proof . We regularly update our authentication mechanism to keep the security features up to date.

    Video licensing and playback are combined to generate customizable viewer specific watermarks. Within the watermark offering, IP address, Email ID  and User ID can be shown as light transparent watermark, to identify a playback session by the viewer.

    Result – Progressive High Secure Video Streaming

    Through this 6-step Video Hosting, Encryption and Streaming process, VdoCipher is able to provide a progressive high security video streaming with future buffer possible. This is also different from RTMP which does not maintain any buffer and can be quite erratic as a result.  Also, once a part of a video is buffered it remains conserved, even when the viewer seeks back or forth. This ensures fastest loading times and minimal bandwidth usage for secure video streaming.

encrypted video streaming                          To try the product trusted by customers across 30+ nations secure video streaming, Add more revenues by eliminating video piracy, have a full free 5 GB trial at www.vdocipher.com

 

3 Offline Encoder For Video Conversion: MAC & Windows

There are a lot of instances where the raw video file after camera recording is quite large in size. If it is not on a server or url, it becomes quite difficult to upload it to online sites like VdoCipher.  To solve this problem there are offline encoder or converters or transcoders which convert the huge video files into decent size without any visible lose in quality. Some of these tools can also be used to convert files into different formats for video and audio. Here are the details of top 3 offline encoder

Offline Encoder & Converters For Reducing Video Size & Formats

  1.  WinFF for Windows

    Please visit this link to donwload the software
    http://winff.org/html_new/

    1-  Add the videos using the tool button.
    2- Choose MPEG-4 in the Convert-to.
    3- Select MPEG-4 1080p as the preset.
    4- Click on options to show more tabs.
    5- Go to video tab.
    6- Enter 2500 as the video bitrate (units is 2500kbps).  This is the bitrate we have experienced high enough to be HD, Users can also try with 1500 or 2000 kbps. It shall also work fine for most of the cases , specially if the movement in the video is quite less.
    7- Tick the checkbox 2 pass below it.
    8- Click on convert tool button.
    9- Wait for the video to complete.
    10- This process might consume high CPU.

  2. VLC Media Player for MAC & Windows

    It is quite unknown fact that even VLC media player can be used as an offline encoder to convert and change videos. Here are the steps –

    • Go to Media > Convert/Save >  In file tab add your raw video or audio file.
    • Click on the  “down arrow” mark on the Convert/Save button and Select “Convert”.
    • Now, provide the format in the “Profile” drop down, also provide the destination source.
    • Click on “Start”,  the conversion will start and after the completion, the converted file will be available in the destination source.

http://www.videolan.org/vlc/index.html

3. Prism Video Converter for Windows & Mac

http://www.nchsoftware.com/prism/

It is quite easy to use software to convert and resize videos. There is both a free and commercial version available. The UI is quite clean and it is almost drag and drop.

For online encoding , VdoCipher has also a customized detailed UI + API trans-coding setup for enterprises. All popular video formats (more then 15 ) are supported , video size, bitrates , type of encoding all can be specified. By default VdoCipher converts videos to its own proprietary encrypted format but for large enterprise cases it does custom transcoding as well.

 

Video Streaming Hosting VdoCipher

All these things, VdoCipher handles for you. Launch Today.

Offline Encoder Online Transcoder

VdoCipher Transcoding

Register for a full version 5 GB Free trial at www.vdocipher.com

Why Not to Host Your Own Videos? Challenges in Self-hosting videos

At VdoCipher we have worked with thousands of online businesses for their secure video hosting. In this period we have developed a broad understanding of the video hosting requirements that businesses have. A number of our customers had previously tried to self host video content. Here we share our learnings from working with our customers.

We see that in many cases, the first idea that comes to the video creator is to self host videos. This means having an in-house team to handle the video streaming & hosting technology. However, handling the video hosting on their own end is often not technically and economically feasible. A lot of businesses realize this only after spending valuable time and resources into developing an inefficient video hosting infrastructure. Many IT service companies that do not have video as a primary offering also come to this realization at some point.

Here we list the primary reasons as to why you should not self host videos.  Most of these recommendations apply to both high-budget and economy users, as both the service offerings and price points of premium online video platforms (OVPs) deliver better returns on investment than could be obtained from self-hosting videos.

5 Reasons Not to Self host Videos ,Why ?

  1. Server and CDN setup, Scaling, Automation for streaming

    When hosting videos on static web pages, each time the webpage loads the video is loaded as well. Handling 100s of users loading your video player each minute would require multiple cores of servers and Content Delivery Network implementation. The video hosting infrastructure should have the capacity to serve users at peak times, when there are maximum users on the page.
    It is a lot different doing these for static sites & video stuff. Handling multiple cores of servers, implementing CDN, ensuring it goes well during peaks and scales well, is a tough job. Here is an example to explain better.

    Consider a webpage that hosts a 5-minute video, getting 100 pageviews in a minute. These 100 users who came within a minute on the web page were in real time loading the page and requesting objects from server. These server requests were being generated at different milliseconds – there were never 100 simultaneous users, they had loaded the page at different milliseconds. While all the other page elements are loaded at different times within the one minute window, in the case of video every user is simultaneously fetching content. For a 5 minute video all the users will be fetching content at same millisecond level from servers, overloading the server hosting your website. This can therefore overload the server, and lead to your website crashing. For this reason optimization of hosting infrastructure requires that your video hosting and website hosting be on separate servers. Setting up a separate server for handling videos would again require a whole new server setup process, adding to your responsibilities considerably.

    VdoCipher offers cloud server video hosting, freeing you from server hosting requirements

    You wouldn’t want to spend all your time figuring out your hosting server now, would you?

  2. Protecting Videos from Download and Piracy

    If you choose to self host videos , you would most likely be providing a direct video video URL from your video hosting server to the site. This can make your video vulnerably to download from a lot of free downloaders and plugins such as IDM and Download Helper. These plugins are widely available on the web, which leads to loss of revenue from content owing to video piracy. Secure Online Video Platforms would safeguard your content from online video piracy.

    Use secure video hosting to protect content from being pirated

    Protect your videos from Jack Sparrows

  3. Encoding for multiple devices & Bitrates

    Currently the video codecs segment is highly fragmented. Apart from Chrome, which supports almost all the popularly used codecs (H.264, WebM, Ogg), none of the web browsers supports all the major codecs. For instance, Safari and Internet Explorer support only H.264 encoding and not WebM or Ogg, whereas Firefox, the next most popular browser after Chrome, does not support H.264 codecs. When self-hosting videos, you would need to transcode specifically in each of the codecs. Encoding is again a server + CPU intensive process. A different file is needed when viewing a video on a phone and when viewing the video on your PC or HD television. You would need to transcode videos for desktop, iOS and android separately. Also encoding is required for different bitrates, so that your viewers can watch your videos across all devices smoothly and seamlessly.Transcoding on cloud server for secure video hosting

  4. Video Player – Controls, Adaptive, Customization

    Video.js is a JavaScript and CSS library that is used as an HTML5 video player. Using the Video.js library requires a great level of coding. For this reason it is recommended that you opt for a secure online video platform (OVP) over coding from scratch. Apart from the initial setup, additional customizations required are adding desired colors, themes, bitrates, sizes and adaptation to aspect ratio. This customization is required to allow video playback across multiple devices and browsers.

  5. Costs of Large development team & Time to launch Video business

    If you are willing to setup your own video infrastructure in-house, it is important that you look at the bottomline of costs and time of development. This includes spending on the development team, at which point you would need to understand salary costs of developers. Besides, in-house development would take months to launch, in which period you would need to bring together a team for setting up the video infrastructure and understanding the hosting requirements. Besides the one-time setup costs, you would need a dedicated team to troubleshoot problems. VdoCipher online video platform has the necessary video infrastructure, and our support ensures that your videos faces minimal downtime. You can get started with using VdoCipher in just about 10 minutes, and can integrate your website with our hosting service in 3 days, with full support from our customer experience team. VdoCipher uses AWS & Akamai at backend to ensure great cloud availability.

Still not convinced? Shawn Hesketh at WP101 has written a comprehensive post on why you should never host your own videos.

For a full version free trial of most secure and reliable streaming solution, register at  www.vdocipher.com

Not Self Host videos , Video Streaming Hosting VdoCipher

All these things, VdoCipher handles for you. Launch Today.

Setting desired bitrate for video playback for multiple devices

Different devices and internet speeds require different bitrate to be served. Based on device type and your viewer connection, some of you may opt to provide particular bitrates forcefully.  Often you like to provide playback at the certain quality or constrain the network data. Bitrate, Dimensions ,Quality thus can be configured. Below are the steps.

First, Send in an extra parameter while setting up the otp. Append a post parameter called “forcedBitrate”. This need to be an integer. During load time, the player obtains the list of available resolutions from the server. If the forcedBitrate is set, it starts playing the bitrate which is closest to that one.

Example

If you have a video with bitrates created at [300, 900, 1500, 2100].  By default, the player will try to guess the correct bitrate based on a number of factors. If you believe that the default rate should be 900, set the value of forcedBitrate to 900. If the forcedBitrate is set to 1100, then player will calculate the bitrate closest to it and play it. This will ensure that the player will continue playing inspire of any error.

Here is a sample curl command for the otp call with forcedBitrate included:

curl 'http://api.vdocipher.com/v2/otp?video=xxxxxxxxxxxxxx' -H 'Content-Type: application/x-www-form-urlencoded' --data 'clientSecretKey=CLIENT_SECRET_KEY&forcedBitrate=1100'

Check the Api page under /otp for more info and other APIs.

AWS + CDN Infrastructure: Hosting, Streaming Details

Video Hosting & Streaming for premium use cases require a robust, scalable and secure infrastructure. I will give a brief overview of the tech stack deployed by VdoCipher in terms of Server, CDN, Encoding infrastructure to effectively ensure smoothest delivery of video content.

Here are the details explained with the help of an infrastructure diagram.

Infrastructure

  1. Upload & Storage

    The videos on VdoCipher can be uploaded from devices, server, video url, ftp, dropbox, already existing vimeo pro account. The uploaded videos direct go to Amazon (AWS) S3 servers. We have S3 storage locations across Asia (Singapore, Mumbai), Europe (Frankfurt), USA (North Virgina), to ensure faster upload speeds and closer access of content possible during first time when streamed. For regular access of same content, CDN starts playing a major role rather then the storage. We also have AWS acceleration enabled for the accounts to ensure speedy uploads and reduced error rates.
    VdoCipher accepts videos in more than 15 standard video formats. The storage security protocols as followed by AWS are at place ensuring highest content protection from the server side. Further more, VdoCipher stores the videos in encrypted format , more details come below.

  2. Transcoding & Encryption

    VdoCipher has its own AWS EC2 on the spot instance setup systems for transcoding. As we have a lot of already existing customers, a lot of the CPUs are already running for encoding. VdoCipher converts video to multiple bitrates and in case of quite high sized camera recorded videos , vdocipher automatically converts them to decent bitrate, keeping the same quality. The conversion for encryption and various devices is also done at this point.

  3. CDN & Streaming

    This is the major tech part of the whole system which has to be optimized and take care of to ensure best viewer experience. Content Distribution Network (CDN) are geographically diverse located small pops which help in caching popular video content. VdoCipher uses a combination of AWS CDN CloudFront + Akamai to distribute content. These are the top two international tier CDNs helping video industries to make billions of revenues. Here is an example – Say the video is stored in North Virgina Region of AWS S3. Now some viewer in New york tries to access the content through VdoCipher embedded video on customer site. Now, for the first time in a day , the content will directly reach him from Virgina. Suppose, some body else or the same person again tries to access the content from New york on the same day. This time the video will be served from the cached part at New york Pop. The science behind is not so simple and involves lot of optimizations, if – else & caching algorithms, video chunks being monitored. It is taken care of by VdoCipher, AWS, Akamai objectively and our customers need not worry of any of these. VdoCipher has customers across all 6 continents and has great tech experience and skills to oversee this.

    It is worthy to note that VdoCipher uses its own proprietary  streaming technology that allows it to transfer fully encrypted content + watermarking. Other then the server + CDN from the partner companies (AWS, Akamai), VdoCipher has put a lot of efforts in optimizing the quality of streaming to ensure faster load speeds & buffer retention. Buffer retention means that on seeking back or forth during a video playback, the video already loaded is not flushed out. The buffer remains conserved, this ensures smooth streaming even at poor net connections. Also, it minimizes bandwidth costs for you and your viewers.

  4. Licensing or Authentication of Stream

    Most of the video hosting companies who provide a fixed url from server to access the video, results in url based video sharing and piracy. VdoCipher through its APIs & plugins provide a custom embed code , which invokes a different video url which is generated uniquely for each playback. There is a one time password (OTP) based authentication , ensuring each video url plays only one time.  Custom licensing like ip restriction, time restriction can be done by VdoCipher on enterprise demands.

    To start streaming with a full version free trial with us, Register at VdoCipher.

Faster video upload to VdoCipher: AWS acceleration + Aspera

Now you can enjoy speedy video upload even of large size from your dashboard & APIs to VdoCipher dashboard. The speedy functionality works with all kinds of video upload- from desktop, ftp, url, server, dropbox. The speeds of video upload to VdoCipher servers now show improvements typically in the range of 50% to 500% for cross-country transfer of larger objects, but can go ever higher under certain conditions.

Technology behind faster uploads:

  1. AWS S3 accelerations – Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket. Transfer Acceleration takes advantage of Amazon CloudFront’s globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path. We are providing this feature at no extra costs to our customers. Automatically built in and integrated with VdoCipher workflow for free and paid accounts.
  2. Asperasoft – Aspera (an IBM company),  helps in receiving terabytes of file-based content per day, from providers at even global distances with simplicity, high speed and low cost – minimal  investment in hardware and Internet bandwidth and a single transfer stream per provider. It also eliminates costly re-sending of files when transfers failed with FTP, laborious monitoring, and network collapse caused by data blasters or parallel FTP streams. VdoCipher uses Aspera for some large enterprise media cases and the costs for it are quite affordable.

So, register for 5GB free trial at VdoCipher.com, upload, embed and enjoy most secure and smooth streaming solution for your online business.

 

 

ASP.net C# web forms embed vdocipher video

The following code is the complete set up for embedding video in ASP.NET Web forms using vdocipher secure streaming. This code has been generated using Visual Studio Community 2015.

For the MVC implementation, please check: https://www.vdocipher.com/blog/2016/02/example-code-for-streaming-protected-video-in-asp-net/

For  vbscript implementation of aspx, check this: https://www.vdocipher.com/blog/2015/01/asp-net-implementation-vdocipher-api/

Vdocipher video in asp.net: aspx and aspx.cs files:

Do not save API Secret in the code

API secret is a key which gives your website authority to generate access tokens (OTPs) for video playback. This secret key can also be used to upload, delete videos in your vdocipher account. Hence, it should not be hard-coded in the application. It should be kept as an app secret. In the above example, it has been added to the web.config file which is not the recommended method. Please read this official article on best practices of saving secret keys in ASP.NET.

Complete code

Download the complete sample application from the Github.

Adding watermark to the videos

Watermark can be added when generating the OTP in the controller file. Please read this article on structuring your watermark and a sample code. The watermark has to be URLencoded and sent as a post data. You shall need to change around line 33 to send annotation information. Let us know if you find any trouble with the watermark setup.

A note about caching

OTP generated here is temporary. You can not cache this OTP and send it to multiple users as it might cause trouble. The OTP once used gets expired and can no longer be used to play video. Some extensions might try to automate the page rendering and especially when on pages which do not need login. The configuration must be set to make sure pages with embedded videos are not cached and cause error while playback.

vdocipher api illustration

For reference about how everything works, please check API reference.

Do let us know about your experiences setting up your secure video in asp.net to create your own PPV or subscription-based video portal. and how we can make the integration simpler.

Video upload from website or server to vdocipher API

[The following article on video upload is based on vdocipher API v2 which is the latest version]

We use Amazon aws storage to store original user videos securely in AWS S3. With an intent to automate their online business, many of our customers wish to allow their users to upload videos directly from their website. To enable this, we have a API call that returns an authenticated policy document which is used video upload into a S3 bucket allotted to your account.

Step 1 (Obtain authorized access):

Create authorized video upload request with your API secret key.

Request
Endpoint: https://api.vdocipher.com/v2/uploadPolicy
Content type: application/x-www-form-urlencoded
Method: POST
PostData: clientSecretKey=API_SECRET_KEY&title=newTitle
Response
Content-Type: application/json

{
 policy:
 key:
 x-amz-signature: 
 x-amz-algorithm: ,
 x-amz-date:
 x-amz-credential: 
 policy:
 upload_link_secure:
 video_id:
}

The API call has returned a set of parameters that must go with the video upload call to the AWS S3 endpoint. We shall refer to this JSON object returned above as uploadData.

The policy document is valid only for the next 1 hour. It is recommended to make the video upload immediately after creating the authorized access. There is also a soft restriction on the number of upload calls every hour, so it is advised to create it only after the user has chosen to upload the video. It should not be made every time somebody loads their dashboard or mobile app.

This call must be made from a secure environment such as your server. This should not be called from a mobile device or the browser to protect your API key. The uploadData should then be passed to user’s device (mobile or browser) to do the file upload.

Step 2 (Video upload via S3 API):

Upload the file to amazon s3 directly. This upload can be made using server code or using an HTML5 form. You can use any third party upload library to make the upload script. The famous ones already have tutorials on setting it up with S3 upload.

application Request
Endpoint: https://{bucket}.s3.amazonaws.com/
Method: POST
PostData:
 'x-amz-credential': uploadData['x-amz-credential'],
 'x-amz-algorithm': uploadData['x-amz-algorithm'],
 'x-amz-date' : uploadData['x-amz-date'],
 'x-amz-signature': uploadData['x-amz-signature'],
 key : uploadData['key'],
 policy : uploadData['policy'],
 success_action_status : 201,
 success_action_redirect : 'http://example.com'
 file: <file content>
  • upload_link_secure string – The vdocipher storage location that has been allocated for this file
  • key string – A name for the S3 object that will store the uploaded file’s data
  • policy string – authorization string
  • x-amz-signature string – A signature value that authorizes the form and proves that only vdocipher could have created it.
  • x-amz-credential string – These must be accompanied in the upload request.
  • x-amz-algorithm string
  • x-amz-date string
  • success_action_status integer – The status code returned upon successful upload if success_action_redirect is not specified.
  • success_action_redirect string(optional) – Specifies if to redirect to a URL after a successful post instead of issuing a 201.

If everything goes right, the response from the above request should be:

Response
<?xml version="1.0" encoding="UTF-8"?>
<PostResponse>
  <Location>https://vdo-ap-southeast.s3.amazonaws.com/orig%2F5555555555555</Location>
  <Bucket>vdo-ap-southeast</Bucket><Key>orig/5555555555555</Key>
  <ETag>xxxxxxxxxxxxxxxxxx</ETag>
</PostResponse>

You can ignore the content of this response. Now, the video status should be shown as Queued or Processing in the API or on your dashboard. The video will get processed after some time. You can poll the API or configure the web hooks(coming soon) to know the time when video is ready. You should only load the video player if the video is ready.

 

Some sample code for the above operations:

Custom variables as watermark on wordpress videos

Watermark on videos adds extra security for the video from screen capture by adding variables such as email, IP or date information to the videos. Custom variables is now supported in plugin 1.6

Till version 1.5 of our WordPress plugin, watermark on videos could only have a limited number of dynamic variables. With version 1.6, we have now added filter hooks on the annotation code to enable other plugins or themes to change the annotation code.

You can now add a custom filter to the hook `vdocipher_annotate_preprocess` . Example code for adding custom filter is:

function customfunc($vdo_annotate_code){
 $customVariable = "Hello world";
 $vdo_annotate_code = str_replace('{var1}', $customVariable, $vdo_annotate_code);
 return $vdo_annotate_code;
}

$er = add_filter('vdocipher_annotate_preprocess', 'customfunc');

The above code enables you to replace the token {var1} with the value of $customVariable. You can then use an annotation code like:

[
{'type':'rtext', 'text':'Your IP : {ip}', 'alpha':'0.8', 'color':'0xFF0000','size':'12','interval':'5000'},
{'type':'text', 'text':'{var1}', 'alpha':'0.5' , 'x':'150', 'y':'100', 'color':'0xFF0000', 'size':'12'}
]

This code on going through the above filter will become

[
{'type':'rtext', 'text':'Your IP : {ip}', 'alpha':'0.8', 'color':'0xFF0000','size':'12','interval':'5000'},
{'type':'text', 'text':'Hello world', 'alpha':'0.5' , 'x':'150', 'y':'100', 'color':'0xFF0000', 'size':'12'}
]

This function can be placed in the functions.php file in your theme. It is recommended to create a child theme before making such edits. The theme

Adding video specific watermark

With this tool, you can also set custom variables for different video or wire up your own logic using any WordPress parameters.