The TechSmith User Community is closing on January 3rd, 2024, and the ability to create new posts or add comments has been disabled. To learn more about alternative support options, visit our Support Center. Product feedback can be submitted here.

Hide the URL of an embedded video to prevent anyone from accessing the video outside of my domain



26 commentaires

  • Mike Curtis
    I am hoping someone can prove me wrong, but I do not believe it's possible to hide the URL in the html code. Once a video is on the web there are a number of ways people can "scrape" it--or even record it right off the screen and do what they will with it.

    I'm thinking the best way to control the access is via a password on your site. For example, to see the videos, your paid viewers would have to enter a password on the site (or page) that would give them access to the videos.

    Anyone know some more creative ways to protect your content?
  • samudranb
    That (password protect the video) I am already doing.

    But once someone has logged in, there is nothing to stop him from looking at the source, getting a list of all the URLs of the videos.. and just simply pass them around.

    If that were to happen, it would be catastrophic to my biz, since I am planning to make it almost completely video based.

    Could you please help me figure out how I can make piracy a little more complicated than that?

    Scraping / recording off the screen is not something I can avoid, so I am not even going to go there. But this surely can be avoided?

    PS: has this feature of domain control. Maybe we could have something similar here? E.g. make the video embeddable, but it can be played only at e.g. and not anywhere else (including

    That might solve the problem, and seems like a pretty great feature!!
  • Kelly Mullins
    The highest level of privacy using is the Authenticated level.

    When the Authenticated privacy level is applied to your video located within a Hidden folder, your customer must receive an email from you containing a link to the content.

    To view the content, the recipient must have a account (they can quickly create one for free). The email address used to create that account must match the email address on the invitation you send.

    If the URL is copied and passed along to someone else, they will see a webpage with an error message - not your video.

    Additionally, an invitation can be revoked at any time rendering the link in that email invalid.

    While the viewer is in the Hidden folder, they cannot use the breadcrumbs at the top of the video to go back to the folder and view other content there - it is hidden from all viewers.

    It seems this might be a good solution for you. However, you would need to send out an email invitation to each person for each video.

    Keep in mind.. no video is totally free from being copied - there are lots of video recording applications out there that will allow people to record video if they choose to do so.

    However, and the Authenticated privacy level will give you a lot of control over who sees your video in an Ad free, professional environment (that you can personalize with your own corporate look if you have a pro account).

    You can read more about the privacy levels here:

    If you are using a Free account, keep in mind there are bandwidth usage limits that renew each month. If you have a lot of viewers, you might need to go Pro to ensure they can all view your content.

    For more information on bandwidth usage and, go to the Help Center topic on Bandwidth:

    Hope this helps,
  • samudranb
    Nope. That does not help.

    I know about the authenticated privacy setting, and unfortunately it is not feasible for me. The video HAS to be embedded in the content, as it has to be placed in context of the rest of the media material.
  • Fred W. Grover
    Hello samudranb,

    As Kelly stated above. When it comes to video or anything else online it is not 100 percent protected. If someone wants it they can get it. When embedding a video it will always show the embed code as far as I know there is no way to hide it.. What are you trying to embed this content into? I know this is not what you wanted to hear but, it is all I know unless someone can prove me wrong or give a different solution.
  • LornaEllisonGreenwoodOverbeck
    Even if you go to extremes to protect it, there are programs out there to record the screen, the webinar, etc. that will allow viewers to scrape the video (e.g., Camtasia!) Sorry, Samudranb - if it's out there, it's out there.
  • David M. Converse
    Hollywood has spent millions of dollars trying to stop people from copying videos and they have not been successful. There is not a technological way to prevent this if the viewer has control of the computer.

    The best advice I have seen is to structure your business model around the assumption that you cannot prevent content from being copied. Watermarking, contractual provisions, and registering your copyrights are good business measures to discourage copying.
  • samudranb
    I understand that to somebody determined to steal the content, there is little one can do.

    But I believe that there should be a little "something" preventing the most basic users from doing so. Why make their lives easier, by displaying the embed URL? Especially when you are paying by the bandwidth?

    E.g., I found this site, which encodes the URL (maybe javascript, I dont really know how he has done it). To anyone determined to do so, it will be a stumbling block, and if someone not-so-much-of-a-technical-bent-off-mind tries to copy the URL, he / she will be unable to find it easily.

    The site is

    I believe this should be a standard feature for all video hosting sites which charge by the bandwidth. Wouldn't you agree?
  • Danish Eqbal
    There is no way to hide the content .
    What you can do only load the src by js.
    Or use json encoder or decoder to hide the content.
    I will recommend you to use url signing secret.
    Which will protect your content to being played after an interval of time. But it can be downloaded.
  • David M. Converse
    Obfuscating URLs is not much of an effective security feature. Remember that to view a video, it has to be copied to the user's computer. That person can record it, save it from the browser cache, or use a program like RealPlayer or a "downloader" to automatically grab the video from the website.

    Unfortunately, this is something that we really don't have a fix for, its just the nature of how the Internet works.
  • David M. Converse
    Obfuscating URLs is not much of an effective security feature. Remember that to view a video, it has to be copied to the user's computer. That person can record it, save it from the browser cache, or use a program like RealPlayer or a "downloader" to automatically grab the video from the website.

    Unfortunately, this is something that we really don't have a fix for, its just the nature of how the Internet works.
  • camtasia888
    you can download software that "encrypts" your html, in whole or in part, search google for html encryption. pevents hotlinking to your content.

    ask youtube forum for advice, they now have pay per view channels for U.S.A users. for example on youtube videos are downloadable via firefox "ant" plugin, but i dont know if this is possible with the paid video sources.

    I believe that those who record online tutorials etc, do not really pass them around, so you wouldnt lose much in the way of paying customers.

    they only screen record it to save them having to log in again and again to watch the content after paying for it, and so they can save it to their ipads or iphones to study on the train to work for example.

    I doubt they would repost it to any main media site like youtube, screencast, vimeo or a major blog like wordpress. I believe if you have valuable educational content, and people are paying for it, I can't see why they would give it to the rest of the competition for free, after they forked out hard earned dollars for it. its more a convenience thing and the transitory nature of most of the internet, their worried they might lose their source of investment if your sight disappeared. is a major educational sight with tutorial software videos for example, they have a long legal terms and conditions to be agreed to when you join, talks about no downloading and redistributing, so even a large pro company has to deal with the issue, read it and learn from their experience.

    having your watermark and website address on there , or an intermittent message at the bottom of the content stating this content should only be viewable at and at the beginning and end of the video, a short message, illegal copyright notice, should make people think twice.
    "please report infrignements to" will do a lot to prevent widespread posting of your work.

    and if you do a websearch every couple of months on major video sites you'll be able to locate any popular content along the lines of what your doing, if yours is there and if there are any number of views (high volume viewing) it will come up very quickly in search, otherwise dont worry you'll have only lost a handful. again I doubt it.

    check out and ask them how they tackle the issue as they do subscription based videos also.

    good luck if your still around !
  • Shantanu Pethe
    All for having good discussion on this topic....
    Have you explored

    i went to above site and made the payment also to DRM Soft ...... but they replied that we have stooped this product ............ but i saw this product (sample) was working great ....
    It plays video with viewing restriction ..... & with anti screen capture feature........ i want something like this........ can you expert people help me in this my email id is

    Thanks in Advance 
    follow me on youtube:
  • Sarah Florian
    For anyone still looking for the answer there ARE ways to track people down.

    1. First to simply prevent the video url from being exposed you can use a flash video player and stream using hls, this will stop the user from simply copy and pasting the link since they'll need to do some digging to find the manifest files in the http requests then find a player that can play the manifest files. If you need an html5 player these days browser support for adaptive streaming is pretty good, just use a transmuxing wrapper like hls.js(for HLS) or dash.js(mpeg-dash). What will show in your html5 player is a locally generated blob url which means nothing.

    2. To stop a user from grabbing resources from the server, you can set up your http streaming to accept a token on initialization through the cookies in the header and check against one in the url. For example set up your url to be and have your cookie set as the private key to "blahblah" key pair, this will ensure that if that url is pasted in a seperate browser the http request will send the invalid private key cookie and hence won't be able to view the video. It's also standard these days to attach an expiry token on the url to check against the expiry so the url become inactive for the user after a certain amount of time.

    3. To stop a video sniffing software from downloading the chunks it gets a little bit complicated but is very do-able. The best approach is to use a DRM software, there are tons out there some commercially stable so you gotta pay for them. A good DRM software would able to encode the actual video you are serving from the server with a public key and have the video player on the website decode the video with the private key in the player itself. This means if a tool sniffed the http requests it will be completely meaningless because that information is encoded and cannot be decoded by anything except the website's video player. Essentially the only way to download the video now is to screenshot individual rendered frames on the video player and pass them through a compressor in the end and reconstruct the actual video.

    4. To prevent even screenshotting the video is impossible however you can still stop pirates from doing so using a technique called Steganography. Basically this is a way to hide messages inside frames that are different based on the user to identity which user leaked the video. Movie studios use this technique to identify which cinema leaked the videos online by stamping a unique id into each frame of a movie identified by the reel number which is sent to a specific cinema. There are steganography libraries implemented in C/C++ for server side video streaming which you can implement, a good steg algorithm would produce a signature that could be identified even if the frame was blurred or re-encoded, this is too hard to explain mathematically. It wouldnt stop the ability to pirate but atleast you can catch who is responsible.

    Hope this helps someone!
    Long Live Piracy
  • Joel Hooks
    Another thing to consider is that this likely won't be detrimental to your video business. We operate a serve that is streaming 20tb of video content a month. That's relatively small when compared to the "big guys", but it is quite a lot to us, and it puts food on the table.

    People are always writing scrapers and utilities to grab our videos. They put the code up on Github as public repositories, and then there is a team working on it. I've asked nicely, given free accounts, or otherwise negotiated several of them being taken down.

    Many still exist.

    At first it filled me with anxiety, but fighting it is a lot of work. You have zero recourse with torrent sites. People writing scrapers tend to be extremely smart and determined, so if you fight back the fun really starts for them. Find a way to let them "win" in a mutual way. These people know they are stealing and aren't the bad actors.

    We do fight back when our content is posted to YouTube. I wrote a script that automates the DMCA boilerplate and YT is very good about removing the content when you fill all the legal requirements. I actually find YouTube much more egregious as the uploader is often pretending to be the content creator, and the viewers don't know they are participating in fraud.

    That said, @Sarah's tips above are excellent baseline "make this more difficult so they have to be dedicated to the cause" tips above are spot on. Thank's Sarah!
  • Hovert van Doremalen
    You can try or download tht prefix php id's url script on

    It tried and i'ts very good  and you can make custom it.
  • Sport Lover
    Above comments are almost very old . Easy and free way to hide and lock your content by using wmspanel nimble. simply use it as a trial in starting and once you have done the setting on your server regarding media lock then no need of paying subscription fees.
  • Ramesh Kumar Pandey
    you can simply use .htaccess rule to use below

    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?(your webisite domin// [NC]
    RewriteRule \.(mp4)$ - [NC,F,L]
  • lsolo

    This may be a bit too late and may have already figured out how to do this, but just in case anyone runs into this post like I did through search, you should know that there is a very easy solution.  I use Vimeo and it works great.  Yes, your URL to Vimeo is exposed, but Vimeo has tools that block access if the request does not come from allowed websites.  I simply 'whitelist' my website and anyone that wants to copy and share the URL to the vimeo source will get a message saying that the content does not exist.  I've been doing this for many years and have had great success in preventing my paid content from getting shared for free.  Now if I can only figure out how to do that with my e-books!!  

    I hope this helps someone.

  • Kingsleykeys

    Isolo - I have 100's of recorded educational videos on vimeo. I "Hide From Vimeo" probably just like you do; however, when I embed "Showcases" from Vimeo into my site, the showcase itself turns into a "playlist" - and I do NOT want that to be what my subscriber sees. I want them to see the beautiful Showcase.  A bad alternative is to just share the link to the showcase. But, the user gets taken off site to Vimeo, and I want them to stay on site.

    Portfolios are not allowed to be embedded.

    Do you have any thoughts or solutions? I've been going at this for 20+ hours over the last 3 days. Your post was a breath of fresh air.


  • Steve

    As Isolo pointed out, Vimeo does it (restrict video playing to whitelisted domains), so it can be done. But how do they do it?

    I'd like to set up my own video/livestreaming server and grant access to the (embedded) videos/livestreams only on another website, where I implement the user management and payment stuff. I just want the videos to be accessible only in the context of that website domain. Any direct calls to the video or livestream url should result in a sorry message like vimeo delivers.

    Anybody any idea how this can be achieved?


  • Kingsleykeys


    I'm doing exactly what you are wanting to do (I think). Since my post 17 days ago I have developed the following.

    • Videos are hosted on Vimeo.
    • In Vimeo I organize my content videos using Showcases.
    • In my Wordpress for my website I have installed the plugin Vimeography (this is not produced by Vimeo).
    • In Vimeography I create "galleries" that embeds the videos as it pulls the videos directly from my Vimeo showcases.

    You have to be logged in to my website to access the videos. Once accessed, another user could not copy and paste the URL. It does give you some kind of "video not found here" message.  In Vimeo, the showcases have to have a privacy setting of "public", but the individual videos themselves can have privacy set to "Hide From Vimeo".  


    I offer subscriptions to my educational videos (I use Paid Memberships Pro).  

  • Steve


    I'm currently a Vimeo Premium user and their domain whitelisting works well. My website where I sell the videos and livestreams works well as well. But for a couple of reasons (e.g. data privacy and cost) I'd like to switch from Vimeo to my own video and streaming server (a vserver running nginx and Owncast).

    Now I'd like to configure that server to prevent direct access to the video and livestream URLs and only allow access from whitelisted domains.

  • Kingsleykeys


    Okay. I understand now.  I believe this is the #1 problem online video based services have - privacy - and preventing the theft of your content.  I found quite a few workarounds for hiding the URL, etc., but it just got too technical for me, and I just couldn't spin my wheels anymore trying to solve it. So, I went the current Vimeo route.

    Good luck.

  • Steve

    Thank you. If I find a solution I will post it here.

  • Carlenelee78

    Sign in to YouTube Studio. From the left menu, select Content. Click the video you'd like to edit. Click the Visibility box and select Share privately.


Vous devez vous connecter pour laisser un commentaire.