Yesterday, I got an automated e-mail from the Influxis admin system that my bandwidth quota was approaching its limit for the month. Most of the FMIS applications I have running at Influxis are sample applications that I feature in my computer books, and I was a bit surprised to see THAT much bandwidth in use for sample videos and applications. Unfortunately, I didn’t have the access logs feature enabled on my Influxis account. So, I don’t have concrete evidence that outsiders were accessing my sample application folders in order to publish live streams””but I suspect that’s what was happening. For starters, any FMIS application is WIDE OPEN by default on Influxis accounts to make things quick and easy for you to get started. Because of this default behavior, which I think is a good default from Influxis’ point of view, anyone is allowed to connect to the application instance(s) and read/write to those application instance folders. The key word here is write. Yes, all connected clients can write shared objects to the application server instance (even persistent instances!) and publish/record live video streams to other connected clients. (Think big scale video conferencing happening with YOUR application instances and account!! I won’t even draw the mental picture of which types of video conferencing could be occurring. Oh wait, I just did.). Influxis does however recommend you secure your applications before deploying them and give you a lot of tools for securing your application using things like domain filtering. In my case that was not an option. Thankfully, there’s a very simple solution that you can quickly enable in the main.asc server-side ActionScript file in your application folder:

application.onConnect = function(clientObj){clientObj.writeAccess = “”;}

That’s it! This simple property value (“”) effectively disables any publishing, recording, or writing of shared objects to your application instances. If you do need to allow publishing, recording, and any other writing of data, look into authentication routines you can use for your FMIS applications.

One Response to “Keeping unauthorized publishers OUT of your FMIS apps!”

  1. Richard

    Influxis customers have the ability to set referring domains that will reject connections from unauthorized domains, you can set yours here: https://secure1.influxis.com/members/RefDomains.aspx

    Reply

Leave a Reply

Current day month ye@r *