Private Podcasting Pro

Published on

Private podcasting is a Pro feature. It lets you restrict a podcast feed so only people with valid private feed tokens can access it.

Find settings in Selfhost Podcasting > Manage Podcasts > open a podcast > Private Podcasting when Pro is active.

What Private Podcasting Does

When a podcast is private:

  • The normal feed requires authorization.
  • Subscribers receive unique tokenized feed URLs.
  • Feed access can expire.
  • Feed and episode usage can be limited.
  • Audio URLs in the private feed are rewritten through a signed proxy URL.
  • Direct private episode permalinks are removed from private feed output.
  • Admin users can still inspect private feeds while logged in.

Public vs Private

Public Podcast

Anyone with the feed URL can access the RSS feed and media URLs.

Private Podcast

Only users with a valid token URL can access the feed. A tokenized feed URL looks like:

https://example.com/shp-private-podcast/podcast-slug/token-value/

The browser preview for a private subscriber adds:

?shp_preview=1

Private Podcast Settings

Privacy Status

Choose:

  • Public: normal public podcast feed.
  • Private: token-protected podcast feed.

Access Expiry Days

How many days a generated token remains valid.

  • 0: no automatic expiry.
  • Any positive number: tokens expire after that many days.

Feed Use Limit

Maximum number of feed fetches allowed per token.

  • 0: unlimited feed fetches.
  • Any positive number: token becomes unusable after reaching the limit.

Use carefully because podcast apps can fetch feeds frequently.

Episode Use Limit

Maximum number of counted episode/audio accesses allowed per token.

  • 0: unlimited episode accesses.
  • Any positive number: token stops working for episode access after reaching the limit.

Use carefully because podcast apps may use range requests and multiple devices.

Active Subscribers

Shows how many active, non-expired tokens currently exist for the private feed.

Private Audio Proxy

For private feeds, episode enclosure URLs are rewritten to signed proxy URLs. This helps prevent the raw storage URL from appearing directly in the private feed.

The proxy validates:

  • Episode ID.
  • Token.
  • Expiry timestamp.
  • Request signature.
  • Token access rights.

For local WordPress uploads, the proxy can stream files with range support. For remote media, it redirects to the source URL after validating access.

Important Security Expectations

Private feed URLs are secrets. Anyone with a valid private feed URL can use it until it expires, is revoked, or hits a usage limit.

Regenerate or revoke a token if a private feed URL is shared with the wrong person.