This tutorial shows you how to enable Apache XSendFile to prevent your videos from being accessed by external or unauthorized users. It will also help you set up the symbolic link to allow you to move your videos to another location

Get 1-hour support on our Services Site, we will do it for you

1. Ubuntu 22.04
2. Apache XSendFile
3. SecureVideosDirectory Plugin

1. Root Access to the server
2. Admin user for YouPHPTube

This is necessary for secure files and configuration assistant

sudo apt-get install libapache2-mod-xsendfile && sudo a2enmod xsendfile

sudo nano /etc/apache2/apache2.conf

<Directory /var/www/html/YouPHPTube/>
    Options Indexes FollowSymLinks
    XSendFile on
    XSendFilePath /var/www/html/YouPHPTube/
    AllowOverride All
    Require all granted
    Order Allow,Deny
    Allow from All
</Directory>

We can limit access to our video with embed contents,

No direct access is allowed but you can whitelist some server to use it in an Iframe or you can whitelist some headers so you can allow some apps to embed your videos.

• embedWhiteList: you can add one domain per row, so those sites will be able to access your embed content.
• userAgentWhitelist: you can add some user agents, for this you must use the JSON array format ["UserAgent1","UserAgent2"]
• HTTP_X_REQUESTED_WITHWhitelist: you can add some REQUESTED_WITH headers, commonly sent from apps, for this you must use the JSON array format with you app domain ["com.myandroidapp","com.myappleapp"]

If you are not sure what values to add on the fields above, you may find some clue in your log file