Add note about ACCESS_KEY to readme
This commit is contained in:
parent
6bebb69ffa
commit
b567252695
1 changed files with 2 additions and 0 deletions
|
|
@ -82,6 +82,8 @@ For the moment, security is the responsibility of the HTTP proxy. The CherryPy a
|
|||
|
||||
Even still, someone who knows an exact stream key can currently get the Websocket for your WebRTC sessions and the RTMP URL to push. This is an inherited weakness from OvenMediaEngine and would be a 2.0 goal to add viewer authentication and passphrases to the Admission Webhook.
|
||||
|
||||
You can make it harder for someone to stream to your server by adding an access key. See the `OVENMONITOR_ACCESS_KEY` variable on the example configs. If this is set, any streamer must also include a GET parameter matching the key to start a stream by appending `?access_key=KEY_HERE` to their stream URL.
|
||||
|
||||
In addition, OvenMediaEngine has been known to have a recurring bug where its API endpoint will listen on all IP addresses even if configured not to do so. It is recommended you use a firewall to block all ports except the video ingest ports and use your HTTP proxy for most traffic. The recommended setup:
|
||||
|
||||
- OvenMediaEngine API port on localhost:8081 and firewalled
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue