July 25, 2016

Block users by HTTP Referer header via WMSAuth

Nimble Streamer paywall capabilities cover several aspects of content protection. Today we add another enhancement - access control based on HTTP "Referer" header.

You may add required Referers as regular expressions into deny list to avoid them accessing the streams.

Let's see how this is set up.

Create Referers group


First, let's go to "Control" -> "WMSAuth paywall setup" top menu to see the page with the list of current WMSAuth groups. Click on Referer groups to see the page below.


Click on Add Referrer group to make a new tab for defining new group.



Enter a regular expression for the Referrer which you don't like to be used by your customers and click Add rule.


You may test it against any string by clicking on Test Referer string.


Here you can enter some referrer and see if it matches your regular expression.

Now when your Referrer group is defined, you can create a blocking WMSAuth rule.

Create WMSAuth group and rule


Go back to WMSAuth groups main page and click on Add WMSAuth group. After entering a name you'll see new group tab.

Here you can assign servers which will be blocking your viewers by Referer. Simply choose it from the list and click on Assign server.


Now click on Add rule to create a rule for applying referer block.


Enter any name and then specify the application name which is planned to be affected. You may also specify a stream name if you need so the rule will be applied to the application + stream couple.

Then scroll down to geo restrictions sections. You can see Allow and Deny lists.


Also you can see drop down lists with countries, IP ranges, User Agent groups and finally Referer groups.

Click on ">>" button to add designated referer group to Deny list.

After clicking on Update WMSAuth rule your restriction will be applied within a few seconds.


That's it - if your player will send HTTP Referer header in any request, and its content will match your regular expression, then it will be blocked.

No comments:

Post a Comment