SitePoint Sponsor

User Tag List

Results 1 to 5 of 5

Hybrid View

  1. #1
    SitePoint Zealot zeeshan's Avatar
    Join Date
    Mar 2001
    Posts
    123
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hello -

    Here's the situation:
    We have a paid dedicated server, with paid bandwidth for our website.
    The site contains media files (songs, videos) that our visitors can see (Realmedia files).

    Here's the problem:
    "Hotlinkers"! Other sites are linking to our media files, and although we wouldn't normally mind, they are using up precious paid bandwidth on our server!

    I have seen simple CGI scripts around that essentially are called like:
    http://www.mydomain.com/cgi-bin/security.cgi?filename

    The security.cgi file does two simple things:
    1) Expands the 'filename' variable to the complete URL associated with it.
    2) ONLY allows access to itself from www.mydomain.com.
    So for example, if http://www.hotlinker.com put the link http://www.mydomain.com/cgi-bin/security.cgi?filename on their website, the script would notice the request coming from some place other than mydomain.com and block the access.

    Does anyone know where I could get such a script? Its really important as we are losing bandwidth (huge amounts!) and need to find an effective solution.

    Thanks.

  2. #2
    SitePoint Zealot
    Join Date
    Apr 2001
    Location
    Toronto, Ontario, Canada, Earth
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    if you're using perl, than you could try something like this:

    Code:
    #!/usr/bin/perl
    if ($ENV{'HTTP_REFERER'} =~ 'mydomain.com') {
    print "Location: http://www.mydomain.com/file.rm\r\n\r\n";
    }
    else {
    print "Content-type:text/html\n\n";
    print "Error: You do not have permission to access this file.";
    }
    hope this helps,

    Jason Weinstein
    webmaster@MaximumEdge.com
    http://www.MaximumEdge.com/

  3. #3
    SitePoint Zealot zeeshan's Avatar
    Join Date
    Mar 2001
    Posts
    123
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks...

    I was actually looking for a script available on the Net somewhere already. Although it'd be good practice, I don't have the time right now to sit down and write a script for this - albeit it being simple.

    Any ideas anyone?

    Thanks.

  4. #4
    Gong!
    Join Date
    May 2000
    Location
    Helsinki, Finland
    Posts
    229
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    As you didn't specify the platform/web server your site runs on, I assume that you could be using Apache as well.

    On Apache platform there's easier solution, you can block other sites accessing directly certain parts of your site.

    First, you need to place all the movie/music clips in a different directory, such as http://domain.com/clips/ - after you've done that, create a .htaccess file and upload it to the directory where the clips are.

    The .htaccess file should contain something similar:

    Code:
    AuthUserFile /dev/null
    AuthGroupFile /dev/null 
    
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^http://yoursite.com/ [NC]
    RewriteCond %{HTTP_REFERER} !^http://www.yoursite.com/ [NC]
    RewriteRule /* http://www.yoursite.com/unauthorized.html [R,L]
    After uploading this to the clips directory, the webserver will check HTTP_REFERER environmental variable for every request to the files in the clips directory and if it doesn't begin with http://yoursite.com or http://www.yoursite.com, the user will be redirected to the URL specified in RewriteRule (in this case, http://www.yoursite.com/unauthorized.html).

    For more information I suggest to do a search at Google for search phrases "mod rewrite" and "htaccess rewrite" for more information.

    And a bit of more resources as well:

    http://httpd.apache.org/docs/mod/mod_rewrite.html
    http://e-commerce-inc.com/htaccess.html
    http://home.verio.com/support/hosting/htaccess.cfm

    I hope this helps.

    But, if your server is run on Windows based platforms or you don't use Apache as the web server, then all I can suggest is to look for a script at:
    http://www.hotscripts.com/search/?qu...y=all&bool=AND
    HighCheats - game cheats, codes, tips and tricks for PC and various console platforms

  5. #5
    SitePoint Zealot zeeshan's Avatar
    Join Date
    Mar 2001
    Posts
    123
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes, I'm running Apache.

    Thanks for the help and the links. That is exactly what I was looking for. Will check all this out later tonight.

    Thanks again!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •