Rewrite rules for nginx storage and/or conversion server: location / { try_files $uri $uri/ /index.php?q=$uri&$args; } rewrite ^/embed/(.*)$ /embed.php?id=$1 last; rewrite ^/_[0-9a-zA-Z]+/(.*)$ /filev.php?u=$1 last; rewrite ^/vfile/([0-9]+)/([0-9]+)/([0-9]+)/([^/]*)/([0-9]+)/(.*)$ /filev.php?id=$1&file_id=$2&server=$3&hash=$4&expire=$5&file=$6 last; rewrite ^/hfile/([0-9]+)/([^/]*)/([0-9]+)/(.*)$ /fileh.php?id=$1&hash=$2&expire=$3&file=$4 last; location ~* \.(?:m3u8|ts)$ { # if you want to only allow access to your hls video files from the main site, replace * with http://yourdomain.com (multiple domains can be separated by commas) add_header 'Access-Control-Allow-Origin' '*' always; add_header 'Access-Control-Allow-Credentials' 'true' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE, INCLUDE' always; add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always; if ($request_method = 'OPTIONS') { add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Content-Length' 0; return 204; } # if you enable advanced hls serving, please uncomment the below two lines (the root must be a folder where the files are NOT found) #root /home/mserver/public_html; #internal; } location ~ ^/(tmp|modules|libraries)/ { deny all; return 404; } location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|css|js|ts)$ { expires 1M; access_log off; add_header Cache-Control "public"; } # you can choose between using secure link or location ~ \.mp4$ { secure_link $arg_st,$arg_e; secure_link_md5 d1gw33d$uri$arg_e$remote_addr; if ($secure_link = "") { return 403; } if ($secure_link = "0") { return 403; } mp4; mp4_buffer_size 1m; mp4_max_buffer_size 5m; # if you enable advanced video serving, please uncomment the below two lines (the root must be a folder where the video files are NOT found) #root /home/mserver/public_html; #internal; }