How To Prevent Users From Downloading Video Files (Or Share Them!)

Pirates!  They’re out there.

It’s a legitimate concern.  Digital pirates out there don’t want to pay people for their hard work.

As a course creator or even a general website owner your videos are your property and one of the most valuable online assets you have.  You’ve spent time and money creating them and publishing them.  They effectively demonstrate what you do or who you are.  They teach and instruct.  They are the preferred media for people to absorb information.

Now you want to make sure only authorized people and audiences can access and watch those assets.  That means you don’t want anyone to be able to download and re-publish your videos anywhere.  

So let’s get into how to prevent users from downloading videos files.  When you embed your videos with Spotlightr into your LMS, you should feel confident in the steps that we’ve taken to protect your videos.

We get it.  That’s why security is one of Spotlightr’s core features.  We take it seriously because our customers take it seriously.  So let’s get into the risks, options, and recommendations when it comes to security your video courses and video content on your website.

Here are the top ways your videos cant be pirated and shared and what considerations you should take when evaluating security for your video courses and video content.  We’ll get into the steps that Spotlightr takes to protect your video content.

Downloading video via browser plugins and extensions

This is probably the most popular way to pirate videos and the reason for most concern.  Most video hosting companies don’t do much to prevent this.  And the reason for that is because it makes everything else you do as a video host much more difficult.

There are dozens of browser extensions and plugins that download your video content.  Spotlightr prevents this by encrypting video content which renders these plugins and extensions useless.

This is how people normally rip down entire courses to their hard drives (and then sometimes distribute online).

Preventable?

Yes.  To prevent this you need a hosting provider that encrypts your video content.  At Spotlightr, we use HLS encryption.  When encrypted, videos are virtually impossible to get via these plugins and extensions.

Want to put us to the test?  Sounds great!

Go here:  https://docs.spotlightr.com/en/articles/1892370-secured-video-example

Right clicking video to find the video ID or video URL and then sharing that

Most popular video hosts provide a video landing page for your videos that are hosted by the company.  The URLs are all the same except for a video ID appended at the end.

With this in mind, another way videos can be shared and pirated is by right-clicking on the embedded video and getting the video ID.  With the video ID users can easily do some searching online to see how they can use it to pull up a video that is supposed to be private.

Some video providers will make sure you can right-click on their videos just as a form of advertisement.  So they are basically giving up any security on that video in favor of free publicity.  You’ll find the bigger companies that have bigger brand recognition just don’t care about your security and do this (cough cough Wistia cough cough).

Preventable?

By disabling visitors from right-clicking on the video completely, there is no way to gather any information about the video, video URL, video ID, etc.

Watch Page Protection

As we just mentioned above, most hosting companies provide a video landing page for every video.  At Spotlightr, we do the same.  We call them Watch Pages.

So, what if pirates are savvy enough to look at the source code of a page that has an embedded video and figures out the watch page URL?  Or they just figure it out another way?

You can remove all doubt by simply disabling that page completely.  So even if they somehow manage to find the video ID and figure out the structure of our watch pages, if the page is disabled there is nothing they can do.

Here is an example of that:

https://spotlightrteam.cdn.spotlightr.com/watch/MTMwODY4Mw==

Domain Whitelisting

Another step we take to protect your content is via domain whitelisting.  By default, your embed code will work on any domain or website that you put it on.  But when you turn on this feature, you can specify that your embed code should work on your domain only.

This way if someone does manage to get ahold of your embed code, they cannot just add it to their own web pages.  They can add it, but the video won’t play.  Videos will only play on domains that are whitelisted.

Here is how that looks inside a Spotlightr account.  In this example, embed code will ONLY work on the domains guitarworld.com and trumpetworld.com.

Sharing the actual web page your video is embedded on

If you have a page on your website with a video, that page can be considered private if it:

1. It’s locked behind a login, so that credentials are required to access the page
2. The page is not available from any type of navigation on the website and it’s also blocked from being indexed by search engines.  So basically you can’t get to the URL unless someone gives it to you.  It’s impossible to just “guess” a URL.

Or, if you are like a lot of people, you are using both of those options above.

But even if you are doing both, someone can still share the link and then also share their credentials.  There is really nothing you can do to stop that.  The only way to stop that would be to develop security into your website that tracks and limits the number of devices that can use a login.  But this is neither easy nor cheap to do.

Preventable?

Well, yes and no.  As mentioned above, you can prevent it on your own site by developing some security protections that tracks devices to logins.  But the cost and effort of this is usually quite high.

At Spotlightr we give you other options with our Gallery module.  You can create a gallery within Spotlightr, and then publish that Gallery on your website (or use the Spotlightr hosted Gallery).   And these videos can be restricted via access codes that have various expiration settings.

For example, you can generate an access code that expires after a certain amount of time.  Or on a certain date.  Or after the videos were accessed a certain amount of times.

For more info on these, we have an article that reviews the different galleries available, options and some demo galleries as well.

Recording your video with screen recorders (or even recording your monitor with a camera)

While it’s possible to prevent some screen recorders from working, even if you do that pirates can always just set up a video camera or cell phone right in front of the monitor.  Quality in both cases turn out very poor, but in these cases it’s not the quality they care about but the actual content of the video.

Preventable?

It can be curbed by attempting to block screen recording software but, as just mentioned, the monitor can simply be recorded.  At Spotlightr we address this by making available watermarks that display the IP address of the viewer, which can discourage this type of piracy.