We’ve been using licensed version of evostream for a while now (switched from nginx-rtmp). We are happy with the performance and features of evostream, however we miss two features we had in nginx-rtmp.
1. Allow HLS segments to have a pseudo-random prefix. nginx-rtmp has an option to use current unix timestamp as segment filename, thus making it almost impossible for some attacker to guess next segment names.
2. Allow/deny play or publish based on ip access lists. Something like:
allow publish 192.168.0.0/24;
deny publish all;
allow play all;
As it is we can not restrict publish access to certain IPs. I know evostream has other options for security, like authentication and aliases, but the above option is really usefull.
It would be nice if those two options would be included in an upcoming release update.