SecureVideosDirectory Plugin
This tutorial shows you how to enable Apache XSendFile to prevent your videos from being accessed by external or unauthorized users. It will also help you set up the symbolic link to allow you to move your videos to another location
Get 1-hour support on our Services Site, we will do it for you
- Ubuntu 22.04
- Apache XSendFile
- SecureVideosDirectory Plugin
- Root Access to the server
- Admin user for YouPHPTube
This is necessary for secure files and configuration assistant
sudo apt-get install libapache2-mod-xsendfile && sudo a2enmod xsendfile
sudo nano /etc/apache2/apache2.conf
<Directory /var/www/html/YouPHPTube/>
Options Indexes FollowSymLinks
XSendFile on
XSendFilePath /var/www/html/YouPHPTube/
AllowOverride All
Require all granted
Order Allow,Deny
Allow from All
</Directory>
We can limit access to our video with embed contents,
No direct access is allowed but you can whitelist some server to use it in an Iframe or you can whitelist some headers so you can allow some apps to embed your videos.
- embedWhiteList: you can add one domain per row, so those sites will be able to access your embed content.
- userAgentWhitelist: you can add some user agents, for this you must use the JSON array format
["UserAgent1","UserAgent2"] - HTTP_X_REQUESTED_WITHWhitelist: you can add some REQUESTED_WITH headers, commonly sent from apps, for this you must use the JSON array format with you app domain
["com.myandroidapp","com.myappleapp"]
If you are not sure what values to add on the fields above, you may find some clue in your log file
