So I run a CCTV system based on the excellent open source Zoneminder, running on a pretty entry level ex-lease PC I bought from PBTech.

What I want to do is embed one of the cameras into a web site.

So my steps are going to be:

  1. Setup a Zoneminder user for public access.
  2. Write a small PHP proxy script.
  3. Profit!


I’m not going to talk you through setting up a Debian server.
Nor am I going to talk you through setting up a Zoneminder server on a Debian server.

I will assume that you have these things running.
I’ll also assume that you have the Zoneminder console running from a virtual sub directory in Apache (in my case /zm/ ).

But just in case, here’s a quick reminder of the Apache config:

# Remember to enable cgi mod (i.e. "a2enmod cgi").
ScriptAlias /zm/cgi-bin "/usr/lib/zoneminder/cgi-bin"
<Directory "/usr/lib/zoneminder/cgi-bin">
    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
    AllowOverride All
    Require all granted

# Order matters. This alias must come first.
Alias /zm/cache /var/cache/zoneminder/cache
<Directory /var/cache/zoneminder/cache>
    Options -Indexes +FollowSymLinks
    AllowOverride None
    <IfModule mod_authz_core.c>
        # Apache 2.4
        Require all granted
    <IfModule !mod_authz_core.c>
        # Apache 2.2
        Order deny,allow
        Allow from all

Alias /zm /usr/share/zoneminder/www
<Directory /usr/share/zoneminder/www>
  Options -Indexes +FollowSymLinks
  <IfModule mod_dir.c>
    DirectoryIndex index.php

# For better visibility, the following directives have been migrated from the
# default .htaccess files included with the CakePHP project.
# Parameters not set here are inherited from the parent directive above.
<Directory "/usr/share/zoneminder/www/api">
   RewriteEngine on
   RewriteRule ^$ app/webroot/ [L]
   RewriteRule (.*) app/webroot/$1 [L]
   RewriteBase /zm/api

<Directory "/usr/share/zoneminder/www/api/app">
   RewriteEngine on
   RewriteRule ^$ webroot/ [L]
   RewriteRule (.*) webroot/$1 [L]
   RewriteBase /zm/api

<Directory "/usr/share/zoneminder/www/api/app/webroot">
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
    RewriteBase /zm/api

Zoneminder read only user

Right, let’s start with a Zoneminder “read only” user.

In your Zoneminder console, head to Options->User, and smash that “ADD NEW USER” button.

Pretty straight forward:

  1. Username = YOURPUBLICUSER
  2. Password = YOURPUBLICPASS
    • Confirm Password = YOURPUBLICPASS
  3. Language
  4. Enabled = yes
  5. Stream = View
  6. Events = None
  7. Control = None
  8. Monitors = View
  9. Groups = None
  10. System = None
  11. Max bandwidth = whatever you like
  12. Restricted monitors = Select the Cameras you want available publicly.
  13. API Enabled = No

Save that bad boy.
That’s step 1 done 😊

A PHP Proxy script

So at this point you could just jam an image in any web site, using a specially crafted URL:

But, that kinda exposes, well, everything ! Your CCTV url, your readonly user and pass. I dunno, it just doesn’t seem right to me 🤣
So, I’m going to craft a small PHP proxy script which will hide this info from public view.

// storing this here just for future reference
$streamurl =  "http://YOUR-ZONEMINDER-CCTV-URL/zm/cgi-bin/nph-zms?monitor=5&user=YOURPUBLICUSER&pass=YOURPUBLICPASS";

$zmMonitor = "1";
$requestURI = "/zm/cgi-bin/nph-zms";

$getARGS = $requestURI."?monitor=".$zmMonitor."&user=".$zmUser."&pass=".$zmPass;

$fp = fsockopen ($host, 80, $errno, $errstr, 30);
if (!$fp) {
    echo "$errstr ($errno)<br>\n";
} else {
    fputs ($fp, "GET ".$getARGS." HTTP/1.0\r\n\r\n");
    while ($str = trim(fgets($fp, 4096)))

That’s it; save that PHP script as .. I dunno .. zoneminder_stream.php ?

Embed in HTML

Here’s the fun bit .. simple HTML !
<img src="/path/to/zoneminder_stream.php" alt="my stream" />

and here is the working result:


*note: this is a screenshot of my working camera

1 Comment

Mike DeVoe

Your article “Streaming A Zoneminder Monitor To A Web Site” was very helpful and got me on track quickly after a bit of stumbled through making it work over https. Thanks so much for the help with our streaming “bubble cam”. You rock! Feel free to drop in and blow bubbles in our back yard.

Leave a Comment

Liked what you've read?

  1. Leave me a message, or
  2. Drop me an email

It only takes a second of your time, but it means the world to me.
Don't comment on Facebook, comment here !

I don't keep any of your information, I only ask for a name, and an email to stop spammers!
Pretty please !! :)

Your email address will not be published. Required fields are marked *

You won't be notified of replies, so come back and visit again!

☝️ Top
🏠 Home