Cloudflare Stream offers its own free plugin which, actually, has limited functionalities.
I tested it but in my case, that was not enough. I needed to integrate the functionality of signed URL into my WP to protect my videos because, in the end, I wanted to prevent my videos to be downloadable by anyone.
I, therefore, created a plugin, called “Cloudflare Stream WordPress plugin” which offers a tokenization technology (one shortcode for each video). If you want to know more, you can read my detailed blog post.
It easily integrates signed URL capabilities (video protection) in your WordPress installation (classic, Gutenberg, and WPBackery), and allows stream only from certain domains.
The core functionalities we needed (and the problems we solved) were:
a) protect our videos by allowing only some domain origins directly from Wordpress, pretty much as you do manually in CF:
So that the video streaming would have only be possible from our domain gorillacommunication.
b) make the video ID hidden from public as normally it isn’t:
Ie. if you take your video ID and paste it after this URL you will see that the video streams perfectly publicly:
c) to have a “panic button” that would unsign all the videos URLs in bulk. So, in case anything would happen with the tokenisation (e.g. wordpress updates, sudden plugin incompatibilities or malfunctions, etc) we would have insured our users the streaming, even if unprotected.
d) A shortcode so to embed the videos wherever in our wordpress (pretty much as the official CF plugin is doing)
e) managing all the streaming parameters (autoplay, poster, loop, etc)
So we made this plugin that is working in 4 simple steps:
A setting page get all the CF basic parameters (ID, email, API key, etc):
There you can also set a Buffer time. Which will be added to the video lenght.
E.g. if your video last 5 min and your buffer time is 5 min, the generated token for the streaming session will be invalidated after 10 minutes.
You can add your video as you would do with a normal Wp page, giving it a title and inserting your video ID taken directly from CF stream interface:
Once you hit “publish” it will automatically whitelist the current domain only on CF, so that you don’t have to insert the domain origins via CF interface and sign the URL, de facto, protecting the video. E.g. if someone would want to grab your URL and copy it in a forum or download it.
You get all your videos and their shortcodes:
you simply paste the shortcode wherever you want in your wordpress + add any parameter you want after the shortcode
The result of that is that now our videos are streaming from CF in a “protected way”, eg. instead of the ID, a time-bound token is shown on the DOM and the video ID remains hidden:
I thought it might be of interest to anyone facing our same need vs video protection, signed URL, tokenization, etc.
I am pretty sure there are better, faster and more efficient ways to do this, so I am very open to read your thoughts, comments and expertise and to learn from it
Thanks for the reading and subscribe to stream, it really worth!!!