Safe website integration


#1

After searching the forum I can’t find a clear answer to my question: What is a safe way to integrate a NCS stream in a website. At this moment I have two bird-cams which I am streaming on my website www.ibirdview.com
Because I currently use a direct connection to my own server which is running NCS I would like to know what is the best practice / safest way to integrate the streams…
At this moment I am using a separate user account within NCS for the website an embed the streams with the generated HTML based on the token.

Regards,

Peter


#2

Hi Peter,
Thanks for an important question! Here is a list of some things that might be important to take under consideration:

  1. use https. It depends on the situation and what information that will be transferred.
  2. in the URL of the embedded code it is a token. The token can be removed from the URL and the NCS server can be reached without the token. At that time NCS will ask for user name and password. Therefore, it is very important to create a specific user in NCS that have access ONLY to the cameras that will be embedded in the website. The user name and password must be adequately strong.
  3. standard port is 8100. A five digit port number might be better since network scanners usually only scan lower numbers. A router with PAT (port address translation) is easiest to use. Or change port number in NCS configuration files.
  4. in the html code on the website one can also have different codes that stops robots from scanning the webpage. The company hosting the webpage knows more about this. It you set up your own web server it is a lot of security issues that must be considered.
  5. use a dedicated computer for NCS.

That´s what I have for the moment. Good luck and keep up the good work with a very nice website!

-Henrik


#3

Thanks for the quick reply Henrik. Not using a token would be quite a disappointment for the (public) visitors of my website i think. The website is made so other people can enjoy the nesting period of the birds… I am aware of the fact that https should be used, but I have no experience how to implement this in NCS and where to get the necessary certificates.

The main problem I believe exists with the current setup is the fact that the url of the camera’s is used within the website backend and can be retrieved when using developer tools visiting the site.


#4

Token must be used, however, since the token can be removed from the URL and NCS reached the user name and password must be strong.
A search in this matter gives that you cannot get rid of the URL, especially for live streaming video. The client must know where to find the information. It seems to be some ideas, but I am not sure if they work today. These are applications for the server side. Search the Internet for this and you find several discussions. A VPN solution is popular these days for hiding your true address :wink:
-Henrik