- Release Notes and Announcements
- Release Notes
- Announcements
- Announcement about the addition of mobile player SDK premium features authorization verification
- Announcement about the addition of web player SDK license authorization verification
- Announcement on the Official Launch of the Video on Demand Real-Time Log Analysis Feature
- Notice about the adjustment of the VOD adding domain feature
- Announcement on official commercial billing of Video on Demand STANDARD_IA data retrieval and Application Management functions
- Announcement on the Official Launch of the Media Quality Inspection and Play Channel Features
- Announcement on the official launch of the Video-on-Demand QUIC Acceleration feature
- VOD Launched Remaster Feature
- Prepaid Packages Supported for Monthly Billed Accounts
- Cost Allocation by Tag Supported
- Content Moderation Upgraded
- VOD Player Signature Upgrade
- Live Clipping to Become Paid Feature
- Content Recognition to Become Paid Feature
- The “startPlay” API of the Player SDK Renamed
- TESHD Renamed as TSC
- Announcement on VOD Video Acceleration Price Change
- Launching Video on Demand (VOD) Features for Regions Outside the Chinese Mainland
- About Changing the Billing Rule of Transcoding Service for VOD/MPS
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Console Overview
- Service Overview
- Application Management
- Media Management
- Package Management
- License Management
- Real-Time Log Analysis
- Best Practice
- Media Upload
- Smart Cold Storage of VOD Media Asset Files
- Video Processing
- Distribution and Playback
- How to Receive Event Notification
- How to Migrate Files from Origin Server to VOD
- Live Recording
- How to Make VOD Videos Live Streaming-Like
- Using VOD and WordPress to Build a Website
- How to Pull from Custom Origin Servers
- Development Guide
- Player SDK
- Server APIs
- History
- Introduction
- API Category
- Other APIs
- Media processing related API
- No longer recommended APIs
- Task Management APIs
- Media Upload APIs
- Media Management APIs
- Media Categorization APIs
- Distribution APIs
- AI-based Sample Management APIs
- Region Management APIs
- Statistics APIs
- Just In Time Transcode APIs
- Making API Requests
- AI-based image processing APIs
- Parameter Template APIs
- CreateWatermarkTemplate
- CreateSnapshotByTimeOffsetTemplate
- CreateSampleSnapshotTemplate
- CreateImageSpriteTemplate
- CreateAnimatedGraphicsTemplate
- CreateAdaptiveDynamicStreamingTemplate
- CreateAIAnalysisTemplate
- ModifyWatermarkTemplate
- ModifySnapshotByTimeOffsetTemplate
- ModifySampleSnapshotTemplate
- ModifyImageSpriteTemplate
- ModifyAnimatedGraphicsTemplate
- ModifyAdaptiveDynamicStreamingTemplate
- ModifyAIRecognitionTemplate
- ModifyAIAnalysisTemplate
- DescribeTranscodeTemplates
- DescribeWatermarkTemplates
- DescribeSnapshotByTimeOffsetTemplates
- DescribeSampleSnapshotTemplates
- DescribeImageSpriteTemplates
- DescribeAnimatedGraphicsTemplates
- DescribeAdaptiveDynamicStreamingTemplates
- DescribeAIRecognitionTemplates
- DescribeAIAnalysisTemplates
- DeleteTranscodeTemplate
- DeleteWatermarkTemplate
- DeleteSnapshotByTimeOffsetTemplate
- DeleteSampleSnapshotTemplate
- DeleteImageSpriteTemplate
- DeleteAnimatedGraphicsTemplate
- DeleteAdaptiveDynamicStreamingTemplate
- DeleteReviewTemplate
- DeleteAIRecognitionTemplate
- DeleteAIAnalysisTemplate
- DeleteHeadTailTemplate
- DeleteImageProcessingTemplate
- DescribeReviewTemplates
- CreateReviewTemplate
- CreateTranscodeTemplate
- ModifyReviewTemplate
- ModifyTranscodeTemplate
- CreateAIRecognitionTemplate
- CreateHeadTailTemplate
- CreateImageProcessingTemplate
- DescribeHeadTailTemplates
- DescribeImageProcessingTemplates
- ModifyHeadTailTemplate
- CreateQualityInspectTemplate
- DeleteQualityInspectTemplate
- DescribeQualityInspectTemplates
- ModifyQualityInspectTemplate
- CreateEnhanceMediaTemplate
- DeleteEnhanceMediaTemplate
- ModifyEnhanceMediaTemplate
- DescribeEnhanceMediaTemplates
- Task Flow APIs
- Event Notification Relevant API
- Domain Name Management APIs
- Playlist APIs
- Data Types
- Error Codes
- FAQs
- Agreements
- VOD Policy
- Contact Us
- Glossary
- Release Notes and Announcements
- Release Notes
- Announcements
- Announcement about the addition of mobile player SDK premium features authorization verification
- Announcement about the addition of web player SDK license authorization verification
- Announcement on the Official Launch of the Video on Demand Real-Time Log Analysis Feature
- Notice about the adjustment of the VOD adding domain feature
- Announcement on official commercial billing of Video on Demand STANDARD_IA data retrieval and Application Management functions
- Announcement on the Official Launch of the Media Quality Inspection and Play Channel Features
- Announcement on the official launch of the Video-on-Demand QUIC Acceleration feature
- VOD Launched Remaster Feature
- Prepaid Packages Supported for Monthly Billed Accounts
- Cost Allocation by Tag Supported
- Content Moderation Upgraded
- VOD Player Signature Upgrade
- Live Clipping to Become Paid Feature
- Content Recognition to Become Paid Feature
- The “startPlay” API of the Player SDK Renamed
- TESHD Renamed as TSC
- Announcement on VOD Video Acceleration Price Change
- Launching Video on Demand (VOD) Features for Regions Outside the Chinese Mainland
- About Changing the Billing Rule of Transcoding Service for VOD/MPS
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Console Overview
- Service Overview
- Application Management
- Media Management
- Package Management
- License Management
- Real-Time Log Analysis
- Best Practice
- Media Upload
- Smart Cold Storage of VOD Media Asset Files
- Video Processing
- Distribution and Playback
- How to Receive Event Notification
- How to Migrate Files from Origin Server to VOD
- Live Recording
- How to Make VOD Videos Live Streaming-Like
- Using VOD and WordPress to Build a Website
- How to Pull from Custom Origin Servers
- Development Guide
- Player SDK
- Server APIs
- History
- Introduction
- API Category
- Other APIs
- Media processing related API
- No longer recommended APIs
- Task Management APIs
- Media Upload APIs
- Media Management APIs
- Media Categorization APIs
- Distribution APIs
- AI-based Sample Management APIs
- Region Management APIs
- Statistics APIs
- Just In Time Transcode APIs
- Making API Requests
- AI-based image processing APIs
- Parameter Template APIs
- CreateWatermarkTemplate
- CreateSnapshotByTimeOffsetTemplate
- CreateSampleSnapshotTemplate
- CreateImageSpriteTemplate
- CreateAnimatedGraphicsTemplate
- CreateAdaptiveDynamicStreamingTemplate
- CreateAIAnalysisTemplate
- ModifyWatermarkTemplate
- ModifySnapshotByTimeOffsetTemplate
- ModifySampleSnapshotTemplate
- ModifyImageSpriteTemplate
- ModifyAnimatedGraphicsTemplate
- ModifyAdaptiveDynamicStreamingTemplate
- ModifyAIRecognitionTemplate
- ModifyAIAnalysisTemplate
- DescribeTranscodeTemplates
- DescribeWatermarkTemplates
- DescribeSnapshotByTimeOffsetTemplates
- DescribeSampleSnapshotTemplates
- DescribeImageSpriteTemplates
- DescribeAnimatedGraphicsTemplates
- DescribeAdaptiveDynamicStreamingTemplates
- DescribeAIRecognitionTemplates
- DescribeAIAnalysisTemplates
- DeleteTranscodeTemplate
- DeleteWatermarkTemplate
- DeleteSnapshotByTimeOffsetTemplate
- DeleteSampleSnapshotTemplate
- DeleteImageSpriteTemplate
- DeleteAnimatedGraphicsTemplate
- DeleteAdaptiveDynamicStreamingTemplate
- DeleteReviewTemplate
- DeleteAIRecognitionTemplate
- DeleteAIAnalysisTemplate
- DeleteHeadTailTemplate
- DeleteImageProcessingTemplate
- DescribeReviewTemplates
- CreateReviewTemplate
- CreateTranscodeTemplate
- ModifyReviewTemplate
- ModifyTranscodeTemplate
- CreateAIRecognitionTemplate
- CreateHeadTailTemplate
- CreateImageProcessingTemplate
- DescribeHeadTailTemplates
- DescribeImageProcessingTemplates
- ModifyHeadTailTemplate
- CreateQualityInspectTemplate
- DeleteQualityInspectTemplate
- DescribeQualityInspectTemplates
- ModifyQualityInspectTemplate
- CreateEnhanceMediaTemplate
- DeleteEnhanceMediaTemplate
- ModifyEnhanceMediaTemplate
- DescribeEnhanceMediaTemplates
- Task Flow APIs
- Event Notification Relevant API
- Domain Name Management APIs
- Playlist APIs
- Data Types
- Error Codes
- FAQs
- Agreements
- VOD Policy
- Contact Us
- Glossary
Overview
You can specify the expiration time in a playback URL to prevent malicious users from transferring the URL to other websites for long-term unauthorized viewing.
You can specify the maximum number of IP addresses allowed to access a playback URL to prevent malicious users from distributing the video to a large number of viewers.
You can specify the preview duration in a playback URL to allow viewers to watch only the start of your video.
You can add a region allowlist/blocklist to a playback URL.
You can add a referer allowlist/blocklist to a playback URL.
You can use a key (
KEY) to generate a signature and add it to a playback URL. As long as the key is not disclosed, the URL cannot be forged.A CDN node determines whether to allow a playback request by verifying the parameters and signature in the playback URL. If a request fails to pass the verification, a 403 response code will be returned.
Supported file formats include MP4, TS, M3U8, FLV, AAC, MOV, WMV, AVI, MP3, RMVB, MKV, MPG, 3GP, WEBM, M4V, ASF, F4V, WAV, MPEG, VOB, RM, WMA, DAT, M4A, MPD, and M4S.
Note:
For detailed directions on configuring key hotlink protection, see Setting Hotlink Protection.
Currently, the preview feature is not supported for audio files.
Generating a Hotlink Protection URL
All your videos in VOD have an original video URL. If hotlink protection is not enabled, the original video URL can be used to play back the video.
After key hotlink protection is enabled, your videos will no longer be playable via the original URLs. You need to generate hotlink protection URLs for them.
You can generate a hotlink protection URL for a video by adding hotlink protection parameters at the end of the original URL in the form of a query string. Below is an example:
http://example.vod2.myqcloud.com/dir1/dir2/myVideo.mp4?t=[t]&exper=[exper]&rlimit=[rlimit]&us=[us]&whreg=[whreg]&whref=[whref]&sign=[sign]
Below are descriptions and values of the parameters in a hotlink protection URL.
Hotlink protection parameters
Parameter | Required | Description |
KEY | Yes | The key used when key hotlink protection is enabled. It can contain 8–20 letters (a–Z) or digits (0–9). We recommend you generate this key in the console. For detailed directions, see Setting Hotlink Protection. |
Dir | Yes | The part of the original video URL with the filename removed. For example, if the original URL is http://example.vod2.myqcloud.com/dir1/dir2/myVideo.mp4, then the playback path is /dir1/dir2/. |
t | Yes | The expiration time of the playback URL, which is a Unix hexadecimal timestamp in lowercase. Once expired, the URL will become invalid, and a 403 error will be returned. Given the potential time differences between devices, we recommend you set the expiration time five minutes (300 seconds) later than the actual time you want the URL to expire. The validity period of the URL should be longer than the video length so that the full video can be played. |
exper | No | The preview duration in decimal seconds. If this parameter is left empty or set to 0, preview is disabled (the full video will be returned). The preview duration must be shorter than the original video duration; otherwise, playback may fail. |
rlimit | No | The maximum number (decimal) of IP addresses allowed to play the video. The maximum value is 9. If this parameter is left empty, there is no restriction. Suppose you want your video to be played by only one user. We do not recommend setting rlimit to 1 (instead, set it to 3, for example). This is because the IP of a mobile device may change after a reconnection. |
us | No | The URL ID, which randomizes a hotlink protection URL and improves its uniqueness. We recommend you use a random us value every time you generate a hotlink protection URL. |
whreg | No | A list of regions allowed to play the video. You can specify 1-10 three-letter region codes. Separate the codes with commas. |
bkreg | No | A list of regions banned from playing the video. You can specify 1-10 three-letter region codes. Separate the codes with commas. |
whref | No | A list of domains allowed to play the video. You can specify 1-10 domains. Leave out the http:// and https:// prefix, and separate the domains with commas. If you pass in abc.com, it will cover lower-level domains such as abc.com/123 and abc.com.cn. Wildcards are supported. For example, you can pass in *.abc.com. |
bkref | No | A list of domains banned from playing the video. You can specify 1-10 domains. Leave out the http:// and https:// prefix, and separate the domains with commas. If you pass in abc.com, it will cover lower-level domains such as abc.com/123 and abc.com.cn. Wildcards are supported. For example, you can pass in *.abc.com. |
sign | Yes | The hotlink protection signature, which verifies the validity of a hotlink protection URL. It must be a 32-character hexadecimal number. A 403 error will be returned if a URL fails to pass the signature verification. For how to generate the signature, see below. |
uv | No |
Signature calculation formula
sign = md5(KEY + Dir + t + exper + rlimit + us + whref + bkref + whreg + bkreg + uv)
+ in the formula is used to concatenate two strings. Optional parameters can be empty strings.Examples of Hotlink Protection URL Generation
Assume that you have a video in VOD and its original playback URL is
http://example.vod2.myqcloud.com/dir1/dir2/myVideo.mp4. You have enabled key hotlink protection. The generated key is 24FEQmTzro4V5u3D5epW, and the generated random string is 72d4cd1101, and now you want to:1. Generate a hotlink protection URL for this video and set the expiration time of the URL to 20:00 on January 31, 2018 (1517400000 in Unix time).
2. Generate a preview URL and set the preview duration to the first five minutes of the video (the original video duration is longer than five minutes).
3. Set the maximum number of IP addresses allowed to play the video to three.
The following describes how to generate hotlink protection URLs for three different example scenarios.
Example 1. Limiting the expiration time
Step 1. Determine the hotlink protection parameters
Parameter | Value | Description |
KEY | 24FEQmTzro4V5u3D5epW | The key you set when enabling key hotlink protection. |
Dir | /dir1/dir2/ | The part of the original video URL with the filename myVideo.mp4 removed. |
t | 5a71afc0 | The expiration timestamp (1517400000) converted to hexadecimal. |
us | 72d4cd1101 | The generated random string. |
Step 2. Calculate the signature
sign = md5("24FEQmTzro4V5u3D5epW/dir1/dir2/5a71afc072d4cd1101") = "3d8488faeb37d52d6bf63b63c1b171c3"
Step 3. Generate a hotlink protection URL
Add the hotlink protection parameters to the original URL in the form of a query string:
http://example.vod2.myqcloud.com/dir1/dir2/myVideo.mp4?t=5a71afc0&us=72d4cd1101&sign=3d8488faeb37d52d6bf63b63c1b171c3
Example 2. Limiting the number of IP addresses
Step 1. Determine the hotlink protection parameters
Parameter | Value | Description |
KEY | 24FEQmTzro4V5u3D5epW | The key you set when enabling key hotlink protection. |
Dir | /dir1/dir2/ | The part of the original video URL with the filename myVideo.mp4 removed. |
t | 5a71afc0 | The expiration timestamp (1517400000) converted to hexadecimal. |
rlimit | 3 | Allow up to three IP addresses to play the video. |
us | 72d4cd1101 | The generated random string. |
Step 2. Calculate the signature
sign = md5("24FEQmTzro4V5u3D5epW/dir1/dir2/5a71afc0372d4cd1101") = "c5214f0d5961b13acd558b4957c4dfc5"
Step 3. Generate a hotlink protection URL
Add the hotlink protection parameters to the original URL in the form of a query string:
http://example.vod2.myqcloud.com/dir1/dir2/myVideo.mp4?t=5a71afc0&rlimit=3&us=72d4cd1101&sign=c5214f0d5961b13acd558b4957c4dfc5
Example 3. Limiting the playback duration
Step 1. Determine the hotlink protection parameters
Parameter | Value | Description |
KEY | 24FEQmTzro4V5u3D5epW | The key you set when enabling key hotlink protection. |
Dir | /dir1/dir2/ | The part of the original video URL with the filename myVideo.mp4 removed. |
t | 5a71afc0 | The expiration timestamp (1517400000) converted to hexadecimal. |
exper | 300 | Set the preview duration to five minutes (300 seconds). |
us | 72d4cd1101 | The generated random string. |
Step 2. Calculate the signature
sign = md5("24FEQmTzro4V5u3D5epW/dir1/dir2/5a71afc030072d4cd1101") = "547d98c4b91e81b5ea55c95cef63223f"
Step 3. Generate a hotlink protection URL
Add the hotlink protection parameters to the original URL in the form of a query string:
http://example.vod2.myqcloud.com/dir1/dir2/myVideo.mp4?t=5a71afc0&exper=300&us=72d4cd1101&sign=547d98c4b91e81b5ea55c95cef63223f
Key Hotlink Protection URL Generator and Checker
VOD provides a key hotlink protection URL generator and checker for you to quickly and accurately generate and check hotlink protection URLs.
Notes
This feature is optional and disabled by default.
After key hotlink protection is enabled, the original video URL can no longer be used for playback. You need to generate a hotlink protection URL according to the rules specified above.
The key (
KEY) must contain 8–20 letters or digits.If a hotlink protection URL expires or its signature fails to pass the verification, the video cannot be played and a 403 response code will be returned.
Make sure the parameters in the query string of a hotlink protection URL are in the order of
t, exper, rlimit, us, and sign; otherwise, playback will fail.If you use the preview feature, make sure that the preview duration is shorter than the video duration; otherwise, playback will fail.
The preview feature has strict restrictions on video formats (for example, only H.264 is supported, and the metadata must be included in the header of the video file). Preview will fail if a video does not meet the requirements. We recommend you transcode your video in VOD before enabling preview (all transcoding files generated by VOD meet the preview requirements).
Yes
No
Was this page helpful?