April 14, 2014

Streaming HLS from behind reverse proxy

There are use cases when a media streamer is putting Nimble Streamer media server behind the reverse proxy. This is usually done for security reasons and works pretty good.

But there is a side effect of this solution. For each connection, Nimble Streamer gets the IP of the proxy instead of IP of the viewer. This means that geo-location reporting for HLS and other HTTP protocols would be shown incorrectly. Also, WMSPanel hotlinking protection and geo-lock will not work since it's based on IP as well.

For HTTP-based protocols like HLS, SmoothStreaming and Progressive download this can be solved via processing X-Forwarded-For header.

We've recently added processing capability option to handle this HTTP header in Nimble Streamer. You need to follow these easy steps.

1. Open Nimble Streamer configuration file called /etc/nimble/nimble.conf and add the following parameter:
cdn_origin = true

2. Restart Nimble.
For Debian/Ubuntu run:
sudo service nimble restart
For Red Hat Enterprise Linux 6 / CentOS 6 run:
sudo service nimble start

That's it. Nimble Streamer will be obtaining customers' IP addresses correctly.

Web interface changes for WMSAuth


If you use WMSAuth paywall feature set and your web interface is also located behind the proxy, (e.g. in case you use CloudFlare) you may also need to update your media signature code, as described in this article.


Contact us if you face any difficulties with the setup.

Related documentation


Nimble HTTP StreamerPay-per-view for Nimble StreamerNimble Streamer HTTP hotlinking protectionNimble configs explainedDispersa streams monitoring, HDS re-streaming

No comments:

Post a Comment