This article only applies to the workflow when Fastly "pulls" from your Wowza Streaming Engine server.
Depending on the need for security, and other factors, Fastly targets can be configured to pull from all applications on a single Wowza Streaming Engine instance, a specific application, or a specific stream.
This article will cover limiting Fastly access to either a specific application or a specific stream name.
Limit by Application
Limiting Fastly Target access to a single application can serve many purposes
- Obfuscate or remove the application from the client-side request URL
- Restrict client access to streams from other applications
- Restrict streams from a single application to a single CDN security policy
Step 1: Configure the Fastly Target
- Log into Wowza Video
- Go to Advanced in the top menu bar
- Click Stream Targets
- Click Add new target
- Select the Fastly target
- Give the Target a name
- Select "Enable Custom Origin"
- Select a Region (default is "US")
- Define the Wowza Streaming Engine host IP or domain as the Custom Origin URL
You must include the protocol "http://" or "https://". No port details required.
HTTP Example: http://220.127.116.11/liveHTTPOrigin/
HTTPS Example: https://1234567890.streamlock.net/liveHTTPOrigin/
- Save the target
Step 2: Build the Fastly Playback URL
- Log into Video
- Go to the Stream Target page for your Fastly target
- Go to Playback URLs
- Expand the HLS section
- Copy the URL format
Wowza Video UI - Fastly URL format
You will still see the URL format containing the application and stream name tokens, these can be ignored.
Modified URL format
Fastly playback URLs requires two (2) sub-paths between the FMSID (Fastly Stream ID) and the playlist type. As the application is no longer defined in the playback URL, the application instance must take its place to satisfy the two sub-path requirements.
Step 3: Test the playback URL
- You can use a test HLS player with ABR support, like TheoPlayer's HLS test player
- Check the ABR renditions by finding the Player toolbar, and selecting the settings icon
- Check the available renditions match your namegroup or SMIL file.