homepage Welcome to WebmasterWorld Guest from 54.225.1.70
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
Forum Library, Charter, Moderators: phranque

Website Technology Issues Forum

    
stop the bandwidth bleeders
limiting file access to my server and its web pages
rmeyers




msg:673598
 5:10 pm on Dec 1, 2001 (gmt 0)

How can I limit the access of files to be download from my web site through my web pages only? It seems others are just copying my "downloads" web page onto their web site, and then their visitors are pulling down the files from my web server without ever even knowing the "real" site exists. It is very confusing for the users of my software. Not to mention that this is bleeding off over 100GB of bandwidth each month!

It seems that there would be a simple settings to limit the access to visitors of my web site only.

 

ggrot




msg:673599
 7:57 pm on Dec 1, 2001 (gmt 0)

Hmm, I don't have code for you, but just make a .htaccess setting for all the downloadables and if the user's referring url is not from your site(or is blank), dont let them download it - [F].

rmeyers




msg:673600
 10:59 pm on Dec 1, 2001 (gmt 0)

The .htaccess doesn't seem to do the trick, at least to the extent of my knowledge. I tried the following, but then nobody really is able to get in. How do you specify the "referring URL" directive?

<limit GET>
order deny,allow
deny from all
allow from (myserverip)
</limit>

gethan




msg:673601
 4:04 pm on Dec 4, 2001 (gmt 0)

Hi rmeyers,

Welcome to WebmasterWorld

I think what you are looking for is some of the functionality available via mod_rewrite on apache.

The basic theory is that the referrer is checked and if its not your site then block them.

Better would be a message saying - "link to me - don't steal my downloads". And hope they test - spot the message and link.

Blocked In-line Images

Problem Description:

Assume we have under [quux-corp.de...] some pages with inlined GIF graphics. These graphics are nice, so others directly incorporate them via hyperlinks to their pages. We don't like this practice because it adds useless traffic to our server.

Problem Solution:

While we cannot 100% protect the images from inclusion, we can at least restrict the cases where the browser sends a HTTP Referer header.

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.quux-corp.de/~quux/.*$ [NC]
RewriteRule .*\.gif$ - [F]

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !.*/foo-with-gif\.html$
RewriteRule ^inlined-in-foo\.gif$ - [F]

From [engelschall.com...] which is currently down hence the copy and paste...

Good luck

DaveAtIFG




msg:673602
 6:05 pm on Dec 4, 2001 (gmt 0)

Ralf Engelshall's URL Rewriting Guide (that gethan is quoting from) is also available at the Apache site at [httpd.apache.org...]

rmeyers




msg:673603
 7:08 pm on Dec 4, 2001 (gmt 0)

I thank those of you who replied. I ended up using the following technique and it works as desired :-)

As a courtesy to whomever may need this fix in the future I am posting it. I created a .htaccess file and the contents were:

AuthUserFile /dev/null
AuthGroupFile /dev/null
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://www.your_domain.com/
RewriteCond %{HTTP_REFERER} !^http://your_domain.com/
RewriteCond %{HTTP_REFERER} !^http://your_ip_address/
RewriteRule /* [your_domain.com...] [R,L]

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved