Live stream security
Live streams are exposed to threats at every stage: unauthorized access during configuration, content theft at ingest endpoints, hotlinking of playback URLs, and illegal redistribution of recorded streams. ApsaraVideo Live addresses each attack surface with RAM-based access control, HTTPS secure acceleration, and hotlink protection.
Live streaming exposes multiple attack surfaces: unauthorized access during configuration, content theft at the ingest endpoint, hotlinking of playback URLs, and illegal redistribution of recorded streams. ApsaraVideo Live addresses each of these with a layered security system.
The following figure shows the security features provided by ApsaraVideo Live.
RAM users — Control who can manage your live streaming resources. RAM user policies restrict console and API access to specific operations, preventing unauthorized changes to domain configurations, stream keys, and recording rules.
HTTPS secure acceleration — Encrypt stream delivery between CDN edge nodes and end viewers. Enabling HTTPS on your playback domain prevents cleartext interception of live content and protects viewer privacy.
Hotlink protection — Prevent unauthorized sites from embedding your playback URLs. Configure referer-based allowlists or denylists so only approved origins can access your streams, blocking hotlinking and illegal redistribution.
Use these features together for defense in depth: RAM users lock down the management plane, HTTPS secures the delivery path, and hotlink protection restricts who can reach your content.
For more information, see Live streaming security.