Programming Forums
User Name Password Register
 

RSS Feed
FORUM INDEX | TODAY'S POSTS | UNANSWERED THREADS | ADVANCED SEARCH

Reply
Page 2 of 2 < 1 2
 
Thread Tools Display Modes
Old Aug 14th, 2006, 1:02 AM   #11
linxis
Programmer
 
Join Date: May 2006
Location: USA
Posts: 52
Rep Power: 0 linxis has a little shameless behaviour in the past
Send a message via ICQ to linxis
You can do it with a ActiveX control. With active x make it like toolbar.yahoo.com how they do a download without using the IE popup or anything this will prevent from anyone getting the url. And to protect the html page can b done with a cookie by one page placing a cookie if a correct password is entered and the download page reading it. If this is what u meant
__________________
Get programming and game creation tutorials and discuss apon you peers at
http://s14.invisionfree.com/tsoft
We also accept custom software requests and new mods will be needed soon
linxis is offline   Reply With Quote
Old Aug 31st, 2006, 5:26 AM   #12
natefico
Programmer
 
Join Date: Jan 2005
Posts: 35
Rep Power: 0 natefico is on a distinguished road
Send a message via AIM to natefico

Here is an example of an .htaccess file you could utilize to do what you want.
(Toggle Plain Text) 
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F]
This should display a 403

If you want to have some fun replace that rewrite rule with this one,
(Toggle Plain Text) 
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpe [L]
natefico is offline   Reply With Quote
Old Sep 2nd, 2006, 8:15 PM   #13
Xeoncross
Newbie
 
Xeoncross's Avatar
 
Join Date: Aug 2006
Posts: 11
Rep Power: 0 Xeoncross is on a distinguished road
Lightbulb Y-Fi? (.htaccess)
Quote:
Originally Posted by Eoin
If you want to protect your files from other sites leeching sites it will really prove to be a non-trivial task and given the way HTTP works it would never be perfect.

That said you can make this harder for the leechers, checking the referer is an easy technique to implement, but also easy to get around. Maybe trying things like dynamicially generating URLs which only remain valid for a short time would be harder on the leechers, but also harder on you and probably your site.

I say that if the whole point of this is to only let MEMEBERS download a file (and it is free to be a member - like on this site) then who CARES if someone fakes a refer?! If they want to go to all of that trouble just to get a file - let them.

After all, they would just register download the file and be gone anyways...

So you see, the result is the same...
so just save the time and step a simple .htacess refer.
(again assuming that it is free to join )
Xeoncross is offline   Reply With Quote
Old Sep 3rd, 2006, 8:01 AM   #14
tempest
Programming Guru
 
tempest's Avatar
 
Join Date: Oct 2004
Posts: 1,041
Rep Power: 5 tempest is on a distinguished road
Send a message via ICQ to tempest Send a message via AIM to tempest Send a message via Yahoo to tempest
You could also have a download directory which uses mod_rewrite to reroute requests to a PHP script which makes sure that an expiring session has been started by your site containing info like the last page they accesed (you could even make sure that page has a link to said file on it if you're pedantic).
__________________
tempest is offline   Reply With Quote
Old Oct 20th, 2006, 1:25 PM   #15
jsilver608
Newbie
 
Join Date: Oct 2006
Posts: 20
Rep Power: 0 jsilver608 is on a distinguished road
other people have had this exact same issue. Here is a pretty effective way of solving it. referers can be faked, but it will stop 99% of the people hotlinking your files/images:

http://jeremy.zawodny.com/blog/archives/000826.html

another way of doing it (if mod_rewrite is not supported on your server/host), is to have all your downloads point to a php script that checks the referer (variable is: $_SERVER['HTTP_REFERER']). If it's not your site, then redirect them. Otherwise, let them download your file.
__________________
High Performance PHP
http://www.whenpenguinsattack.com
jsilver608 is offline   Reply With Quote
Reply
Page 2 of 2 < 1 2

Bookmarks

« Previous Thread in Forum | Next Thread in Forum »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
OnlineTextEditor.Com! Sane Show Off Your Open Source Projects 43 Jun 16th, 2006 8:55 AM
Command Prompt SkyPioneer Coder's Corner Lounge 5 May 3rd, 2006 10:07 PM
add mutiple users to the smbpasswd file. Pizentios Bash / Shell Scripting 3 Oct 20th, 2005 12:48 PM
After execution - Error cannot locate /Skin File? wchar Visual Basic 1 Mar 5th, 2005 9:04 PM
airport Log program using 3D linked List : problem reading from file gemini_shooter C++ 0 Mar 2nd, 2005 4:12 PM


Contact Us - DaniWeb IT Discussion Community - Privacy Statement - Top


DaniWeb IT Discussion Community
All times are GMT -5. The time now is 7:33 AM.

Powered by vBulletin® Version 3.7.0, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Copyright ©2007 DaniWeb® LLC