VOD provides a hotlink protection feature that enables you to set hotlink protection for video playback URLs as needed, helping implement control over video playback.
However, setting hotlink protection for domain names in use without testing involves the following risks:
For example, if you need to control the validity period of video playback URLs, you need to enable key hotlink protection:
signsignature parameter in the generated hotlink protection is miscalculated, enabling hotlink protection may cause playback failures of all videos in the production network environment.
texpiration time parameter in the generated hotlink protection is too large, the video playback URL will not expire as scheduled after hotlink protection is enabled.
Therefore, before hotlink protection is enabled for domain names, tests need to be conducted to ensure that the desired results can be achieved. In addition, hotlink protection testing should not affect users in the production network environment (i.e., it should be secure for the production network environment).
VOD provides you with secure hotlink protection test schemes.
The terms involved are described as below:
xxx-test.vod2.myqcloud.com). It shall not be used in a production network environment or set as the default domain name.
Generally, a user in the production network environment gets a video playback URL from the production application backend, and a test client from the test application backend. The domain names in the two URLs are the same (i.e., the default VOD domain name). During hotlink protection test, the default VOD domain name shall not be changed directly; otherwise, users will be affected.
To prevent hotlink protection test from affecting users in the production network environment, VOD provides a "preset VOD test domain name", which is isolated from the default VOD domain name used in the production network environment. During hotlink protection test, you should only manage the hotlink protection configuration of the test domain name.
VOD also provides a "test domain name proxy" (IP:
18.104.22.168). You just need to modify the HOST table on the test client to resolve the default VOD domain name to this proxy. Video playback requests from the test client will be forwarded to the test domain name through the proxy (red path in the figure below), while playback requests from users in the production network environment will still be forwarded to the official domain name (black path in the figure below).
Therefore, you can freely modify the hotlink protection configuration of the test domain name and test the playback URL distributed by the test application backend without worrying about any impact on users in the production network environment.
After fully verifying hotlink protection on the test client and test application backend and confirming that everything is correct, you can take the steps below:
In this way, the hotlink protection of the default VOD domain name can take effect, and the hotlink protection configuration verified after test can be applied to the production network environment.
Below is an example of enabling key hotlink protection to show you the steps of hotlink protection testing:
After logging in to the VOD console, a user (e.g., appid:
125xxx655) will see the following two domain names in Domain Management:
In the initial state, the preset VOD domain name
125xxx655.vod2.myqcloud.com is the default VOD domain name with key hotlink protection not enabled.
Select the preset VOD test domain name (
125xxx655-test.vod2.myqcloud.com), click Settings > Key Hotlink Protection, enable it, and click Generate Key to generate a hotlink protection key. Then, click OK and wait for the configuration to take effect.
The original playback URL of a video refers to the URL without hotlink protection parameters, which can be obtained in Media Assets in the console. The URL used in this example is
At this point, the test client can still play back the video at the original URL. Run the
curl command, and the HTTP status code returned is 200.
Modify the HOST table (
C:\Windows\System32\drivers\etc\hosts on Windows or
/private/etc/hosts on macOS) by adding the record
22.214.171.124 125xxx655.vod2.myqcloud.com and then save the change.
ping 125xxx655.vod2.myqcloud.com to verify whether the modification has taken effect.
After modifying the HOST table, the test client can no longer play back the video at the original URL, and the HTTP status code returned will be
403 Forbidden. This is because after the HOST table is modified, the video playback requests initiated by the test client will be mapped to the preset VOD test domain name, and the correct hotlink protection parameters must be included in the URL before the video can be played back.
Generate a URL with hotlink protection parameters according to the key hotlink protection generation rules, which is
curl, and the HTTP status code returned will be 200.
The test application backend distributes the URL with hotlink protection parameters according to the hotlink protection generation rules and verify the URL on the test client.
After test, the official application backend distributes the URL with hotlink protection parameters according to the same rules as that of the test application backend.
Open the Key Hotlink Protection module of the preset VOD test domain name in the console and copy the key; then open the Key Hotlink Protection module of the default VOD domain name, paste the key of the test domain name to the Hotlink Protection Key text box, and click OK.
After the domain name configuration takes effect, the hotlink protection configuration will be applied to the default VOD domain name used in the production network environment and take effect officially.