- Release Notes and Announcements
- Release Notes
- Announcements
- Announcement on the Official Launch of the VOD Scene Transcoding Feature
- Announcement about the addition of mobile player SDK premium features authorization verification
- Announcement about the addition of web player SDK license authorization verification
- Announcement on the Official Launch of the Video on Demand Real-Time Log Analysis Feature
- Notice about the adjustment of the VOD adding domain feature
- Announcement on official commercial billing of Video on Demand STANDARD_IA data retrieval and Application Management functions
- Announcement on the Official Launch of the Media Quality Inspection and Play Channel Features
- Announcement on the official launch of the Video-on-Demand QUIC Acceleration feature
- VOD Launched Remaster Feature
- Prepaid Packages Supported for Monthly Billed Accounts
- Cost Allocation by Tag Supported
- Content Moderation Upgraded
- VOD Player Signature Upgrade
- Live Clipping to Become Paid Feature
- Content Recognition to Become Paid Feature
- The “startPlay” API of the Player SDK Renamed
- TESHD Renamed as TSC
- Announcement on VOD Video Acceleration Price Change
- Launching Video on Demand (VOD) Features for Regions Outside the Chinese Mainland
- About Changing the Billing Rule of Transcoding Service for VOD/MPS
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Console Overview
- Service Overview
- Application Management
- Media Management
- Package Management
- License Management
- Real-Time Log Analysis
- Practical Tutorial
- Media Upload
- Smart Cold Storage of VOD Media Asset Files
- Video Processing
- Distribution and Playback
- How to Receive Event Notification
- How to Migrate Files from Origin Server to VOD
- Live Recording
- How to Make VOD Videos Live Streaming-Like
- Using VOD and WordPress to Build a Website
- How to Pull from Custom Origin Servers
- Development Guide
- Player SDK
- Server APIs
- History
- Introduction
- API Category
- Other APIs
- Media processing related API
- No longer recommended APIs
- Task Management APIs
- Media Upload APIs
- Media Management APIs
- Event Notification Relevant API
- Media Categorization APIs
- Distribution APIs
- AI-based Sample Management APIs
- Region Management APIs
- Statistics APIs
- Just In Time Transcode APIs
- Making API Requests
- AI-based image processing APIs
- Parameter Template APIs
- CreateWatermarkTemplate
- CreateSnapshotByTimeOffsetTemplate
- CreateSampleSnapshotTemplate
- CreateImageSpriteTemplate
- CreateAnimatedGraphicsTemplate
- CreateAdaptiveDynamicStreamingTemplate
- CreateAIAnalysisTemplate
- ModifyWatermarkTemplate
- ModifySnapshotByTimeOffsetTemplate
- ModifySampleSnapshotTemplate
- ModifyImageSpriteTemplate
- ModifyAnimatedGraphicsTemplate
- ModifyAdaptiveDynamicStreamingTemplate
- ModifyAIAnalysisTemplate
- DescribeTranscodeTemplates
- DescribeWatermarkTemplates
- ModifyAIRecognitionTemplate
- DescribeSnapshotByTimeOffsetTemplates
- DescribeSampleSnapshotTemplates
- DescribeImageSpriteTemplates
- DescribeAnimatedGraphicsTemplates
- DescribeAdaptiveDynamicStreamingTemplates
- DescribeAIAnalysisTemplates
- DeleteTranscodeTemplate
- DescribeAIRecognitionTemplates
- DeleteWatermarkTemplate
- DeleteSnapshotByTimeOffsetTemplate
- DeleteSampleSnapshotTemplate
- DeleteImageSpriteTemplate
- DeleteAnimatedGraphicsTemplate
- DeleteAdaptiveDynamicStreamingTemplate
- DeleteReviewTemplate
- DeleteAIRecognitionTemplate
- DeleteAIAnalysisTemplate
- DeleteHeadTailTemplate
- DeleteImageProcessingTemplate
- DescribeReviewTemplates
- CreateReviewTemplate
- CreateTranscodeTemplate
- ModifyReviewTemplate
- ModifyTranscodeTemplate
- CreateHeadTailTemplate
- CreateImageProcessingTemplate
- CreateAIRecognitionTemplate
- DescribeHeadTailTemplates
- DescribeImageProcessingTemplates
- ModifyHeadTailTemplate
- CreateQualityInspectTemplate
- DeleteQualityInspectTemplate
- DescribeQualityInspectTemplates
- ModifyQualityInspectTemplate
- CreateEnhanceMediaTemplate
- DeleteEnhanceMediaTemplate
- ModifyEnhanceMediaTemplate
- DescribeEnhanceMediaTemplates
- Task Flow APIs
- Domain Name Management APIs
- Playlist APIs
- Data Types
- Error Codes
- FAQs
- Agreements
- VOD Policy
- Contact Us
- Glossary
- Release Notes and Announcements
- Release Notes
- Announcements
- Announcement on the Official Launch of the VOD Scene Transcoding Feature
- Announcement about the addition of mobile player SDK premium features authorization verification
- Announcement about the addition of web player SDK license authorization verification
- Announcement on the Official Launch of the Video on Demand Real-Time Log Analysis Feature
- Notice about the adjustment of the VOD adding domain feature
- Announcement on official commercial billing of Video on Demand STANDARD_IA data retrieval and Application Management functions
- Announcement on the Official Launch of the Media Quality Inspection and Play Channel Features
- Announcement on the official launch of the Video-on-Demand QUIC Acceleration feature
- VOD Launched Remaster Feature
- Prepaid Packages Supported for Monthly Billed Accounts
- Cost Allocation by Tag Supported
- Content Moderation Upgraded
- VOD Player Signature Upgrade
- Live Clipping to Become Paid Feature
- Content Recognition to Become Paid Feature
- The “startPlay” API of the Player SDK Renamed
- TESHD Renamed as TSC
- Announcement on VOD Video Acceleration Price Change
- Launching Video on Demand (VOD) Features for Regions Outside the Chinese Mainland
- About Changing the Billing Rule of Transcoding Service for VOD/MPS
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Console Overview
- Service Overview
- Application Management
- Media Management
- Package Management
- License Management
- Real-Time Log Analysis
- Practical Tutorial
- Media Upload
- Smart Cold Storage of VOD Media Asset Files
- Video Processing
- Distribution and Playback
- How to Receive Event Notification
- How to Migrate Files from Origin Server to VOD
- Live Recording
- How to Make VOD Videos Live Streaming-Like
- Using VOD and WordPress to Build a Website
- How to Pull from Custom Origin Servers
- Development Guide
- Player SDK
- Server APIs
- History
- Introduction
- API Category
- Other APIs
- Media processing related API
- No longer recommended APIs
- Task Management APIs
- Media Upload APIs
- Media Management APIs
- Event Notification Relevant API
- Media Categorization APIs
- Distribution APIs
- AI-based Sample Management APIs
- Region Management APIs
- Statistics APIs
- Just In Time Transcode APIs
- Making API Requests
- AI-based image processing APIs
- Parameter Template APIs
- CreateWatermarkTemplate
- CreateSnapshotByTimeOffsetTemplate
- CreateSampleSnapshotTemplate
- CreateImageSpriteTemplate
- CreateAnimatedGraphicsTemplate
- CreateAdaptiveDynamicStreamingTemplate
- CreateAIAnalysisTemplate
- ModifyWatermarkTemplate
- ModifySnapshotByTimeOffsetTemplate
- ModifySampleSnapshotTemplate
- ModifyImageSpriteTemplate
- ModifyAnimatedGraphicsTemplate
- ModifyAdaptiveDynamicStreamingTemplate
- ModifyAIAnalysisTemplate
- DescribeTranscodeTemplates
- DescribeWatermarkTemplates
- ModifyAIRecognitionTemplate
- DescribeSnapshotByTimeOffsetTemplates
- DescribeSampleSnapshotTemplates
- DescribeImageSpriteTemplates
- DescribeAnimatedGraphicsTemplates
- DescribeAdaptiveDynamicStreamingTemplates
- DescribeAIAnalysisTemplates
- DeleteTranscodeTemplate
- DescribeAIRecognitionTemplates
- DeleteWatermarkTemplate
- DeleteSnapshotByTimeOffsetTemplate
- DeleteSampleSnapshotTemplate
- DeleteImageSpriteTemplate
- DeleteAnimatedGraphicsTemplate
- DeleteAdaptiveDynamicStreamingTemplate
- DeleteReviewTemplate
- DeleteAIRecognitionTemplate
- DeleteAIAnalysisTemplate
- DeleteHeadTailTemplate
- DeleteImageProcessingTemplate
- DescribeReviewTemplates
- CreateReviewTemplate
- CreateTranscodeTemplate
- ModifyReviewTemplate
- ModifyTranscodeTemplate
- CreateHeadTailTemplate
- CreateImageProcessingTemplate
- CreateAIRecognitionTemplate
- DescribeHeadTailTemplates
- DescribeImageProcessingTemplates
- ModifyHeadTailTemplate
- CreateQualityInspectTemplate
- DeleteQualityInspectTemplate
- DescribeQualityInspectTemplates
- ModifyQualityInspectTemplate
- CreateEnhanceMediaTemplate
- DeleteEnhanceMediaTemplate
- ModifyEnhanceMediaTemplate
- DescribeEnhanceMediaTemplates
- Task Flow APIs
- Domain Name Management APIs
- Playlist APIs
- Data Types
- Error Codes
- FAQs
- Agreements
- VOD Policy
- Contact Us
- Glossary
User-generated content (UGC) and professionally generated Content (PGC) platforms are two common scenarios in the video industry where video content can be freely uploaded and shared.
However, third-party video platforms may impersonate normal users to upload videos to your platform and then put the URLs of those videos on their own platforms. In this way, they can "live" on your platform like a parasite and get "free" access to video storage and playback acceleration. As a result, your video platform is used maliciously by others as a free video hosting service, which is called "malicious video hosting".
Malicious video hosting can cause serious economic losses since all the storage, bandwidth, and traffic fees incurred by the parasites have to be borne by you.
Causes of Malicious Video Hosting
How UGC/PGC platforms interact with others normally
Note:Arrows in the figure represent the network request directions.
Generally, a UGC or PGC video platform interacts with content providers, content consumers, and VOD in the following ways (for more information on steps 1–3, please see Upload from Client):
- The application backend authenticates the content provider and distribute to them a video upload signature after authentication is passed.
- The content provider uploads the content to be shared to VOD.
- VOD notifies the application backend of relevant information such as the
fileIdand playback URL of the uploaded video. - The content consumer requests the playback URL from the application backend.
- The content consumer accelerates video playback via VOD through the URL.
How malicious video hosting is implemented
Note:Arrows in the figure represent the network request directions.
A malicious third-party video platform impersonates a normal user of your platform:
- It upload its own videos to VOD as a video provider (steps 1 and 2).
- Then, it gets the playback URLs of these videos from your platform as a consumer (step 4).
- The users of the malicious platform get these URLs (step 4) and accelerate playback through VOD (step 5).
Core causes of problem
The ultimate purpose of malicious video hosting is to steal others' CDN bandwidth resources (while taking advantage of their storage resources). Malicious users do so mainly for the following:
- Step 4. The malicious platform can quickly get the playback URLs from the application, store them, and distribute them to its own users.
- Step 5. After the users of the malicious platform get the URLs, they can accelerate video playback unlimitedly.
Malicious Video Hosting Prevention
In view of the core causes of malicious video hosting listed above, the key solutions lie in:
- Preventing unrestricted access to playback URLs as mentioned in step 4.
- Preventing unrestricted playback acceleration as mentioned in step 5.
The following describes how VOD helps you restrict playback of and access to URLs.
Restricting playback of URLs
VOD's key hotlink protection provides the ability to limit the number of devices allowed to play back a video from a URL, so as to prevent the URL from being distributed to any number of devices for playback.
In order to implement effective control of the playback URL, you need to enable hotlink protection in the console; in step 4, a hotlink protection-enabled URL needs to be generated on the application backend according to the key hotlink protection URL generation rules (please see the example of "maximum number of IPs allowed for playback at a video playback address") in order to limit the validity period of the URL and the number of IPs allowed for playback.
Restricting access to URLs
Restricting playback of URLs alone cannot effectively prevention malicious video hosting. This is because in step 4, a malicious platform can make countless requests for different hotlink protection-enabled URLs for the same video and then distribute those URLs to its own users, thus bypassing the restriction on the number of IPs allowed for playback.
In response, the application backend needs to verify user identity in step 4 and impose frequency control, i.e., how many times an individual user can get the same playback URL within a specified period of time. This can prevent malicious users from getting a large number of video playback addresses in a short period of time.
Yes
No
Was this page helpful?