How to protect against hotlinking

[A Ingram]

I have just discovered that someone is hotlinking to my mp3 files without my
permission. These mp3 files are in a subweb at
http://atasteofjazz.saxlessons.com . This is causing me to come close to my
bandwidth allowance. This can't be legal or ethical, can it? Is there any
way to prevent this? I am using FP2003. Thanks.

Alastair Ingram
www.saxlessons.com

 

[assignor]

First rule is always, "never publish anything you don't want to be copied."

For hot linking - I know of no way you can have something on your site that
only "some people" can download.

However - I would move them into a new folder or even a separate folder
each, making people who want them go through a friendly login first. Most
robots can't log in. But for those that can - You can also add an
intermediate step where a person needs to enter graphically portrayed
letters and numbers.

Next on each download page (right at the top) enter two scripts that send a
person back if they 1) did not log in or 2) arrive from any other url than
your login procedure.
You can find free scripts from JavaScript and ASP sources.

Third to be nasty enter a third script called no cache script which is
supposed to hold a download only in memory not on the recipients disk -
unless of course it uses virtual memory.

Fourth put hidden instructions on your page - like a form - that save the ip
and other info about the people that visit your page. There are scripts
possible that check the table of IPs who have previously visited and
redirect them somewhere else - like a bye bye page. You could custom write
one to allow 2 or 3 visits to the same page per ip - and to reject anyone
whose ip is blocked (blank) by their security settings.

Last - reread First Rule and save yourself a lot of work.

 

[GJIsh]

Check with your host. The last one I used actually had a setting in Cpanel
that prevented hotlinking. Then you could go through and give permission to
selected sites to allow the hot linking. For example, if you put your avatar
on your server and then hot linked to it from a forum, you would give the
forum permission to hot link. If they don't have a setting I'm sure someone
could give you the proper script or a way to stop it. Hope that helps!

 

[Sonars_UK]

The easiest way I can see is to change the path to the files on a weekly
basis by changing the name of the folder they are stored in.

The cheeky bugger that is hot linking to your files would soon get fed up of
amending his links.

I hope I haven't missed the point completely!

Regards,

Sonars UK

 

[Steve Easton]

Since your site is hosted on an Apache server running UNIX, you can use a .htaccess file to prevent
hot linking.
You "must" do the following through the web masters CPanel for your web site.

Open CPanel, click File Manager and browse to the atasteofjaz folder.
Click "New File" and then copy and paste the following exactly as it appears in your new file:
( do not correct the spelling of Referer, it is correct for this purpose )

SetEnvIfNoCase Referer "^http://www.saxlessons.com/" locally_linked=1
SetEnvIfNoCase Referer "^http://www.saxlessons.com$" locally_linked=1
SetEnvIfNoCase Referer "^http://saxlessons.com/" locally_linked=1
SetEnvIfNoCase Referer "^http://saxlessons.com$" locally_linked=1
SetEnvIfNoCase Referer "^$" locally_linked=1
<FilesMatch "\.(mp3)$">
Order Allow,Deny
Allow from env=locally_linked
</FilesMatch>



Then save the file with the name of: .htaccess and make sure it is in the atasteofjaz folder.

This should do it. Make sure to check that it doesn't effect links from your own pages.

hth

--
Steve Easton
Microsoft MVP FrontPage
95isalive
This site is best viewed............
........................with a computer

 

[Tina Clarke]

I have just discovered that someone is hotlinking to my mp3 files without my
permission. These mp3 files are in a subweb at
http://atasteofjazz.saxlessons.com . This is causing me to come close to my
bandwidth allowance. This can't be legal or ethical, can it? Is there any
way to prevent this? I am using FP2003. Thanks.

Alastair Ingram
www.saxlessons.com

Steve's solution is the best and what I thought you were asking for, if you
do decide to move your folder and or rename it, use a 301 redirect to the
new location so you don't lose any Search Engine placement that you already
have, since your on apache this is easily done.
http://www.gnc-web-creations.com/301-redirect.htm

Also inform the isp and host of the people who are linking to you and
stealing your bandwidth.

hope this helps

Tina
Tip now out is: FrontPage 2003 has design guide
http://frontpage-tips.com/ - FrontPage Tips
They are primarily for FrontPage 2003 but will be good
for earlier versions too.

 

[Tina Clarke]

To add to my post.... I mentioned this post to a friend and she suggested

Make a small recording on your pc explaining to the listener that it is a
shame that the site owner is stealing this mp3 but if they would like to
visit the true source of the files - please visit www. blah blah... (The
files must match if the files do not match they will get an error message)
this equates to FREE advertising. Might be worth increasing your bandwidth
for this .... it will probably be quite a while before the other website
notice your in effect using their use of you!

I thought this was a rather neat idea

Tina

http://accessfp.net/ - FrontPage Resource Centre
http://anyfrontpage.com/ - FrontPage Ezine - Free FP Ebook
http://addonfp.com/ - FrontPage Addons
http://frontpage-tips.com/ - FrontPage Tips NEWLY LAUNCHED
http://msmvps.com/frontpage/ - FrontPage News & Articles Blog
http://frontpage-advice.blogspot.com/ - FrontPage Advice Blog
http://frontpage-ebooks.com/ - FrontPage Ebooks

 

[A Ingram]

I have just discovered that someone is hotlinking to my mp3 files without my
permission. These mp3 files are in a subweb at
http://atasteofjazz.saxlessons.com . This is causing me to come close to my
bandwidth allowance. This can't be legal or ethical, can it? Is there any
way to prevent this? I am using FP2003. Thanks.

Alastair Ingram
www.saxlessons.com

Thank you all for your help. I wish that I didn't have to deal with the
bottom feeders.

 

[Steve Easton]

It's an unfortunate fact of life in the "cyber world."

--
Steve Easton
Microsoft MVP FrontPage
95isalive
This site is best viewed............
........................with a computer