Anti Leech using HTTP REFERER is invalidate

Forum Moderators: phranque

Message Too Old, No Replies

Anti Leech using HTTP REFERER is invalidate

wmstlxl

3:24 am on Aug 16, 2006 (gmt 0)

I have some download files protected by "HTTP_REFERER"
the config is:

----------------------------------------
SetEnvIfNoCase Referer "^http://www\.mydomain\.com/" local_ref=1

<FilesMatch "\.(pdf¦exe)">
Order Allow,Deny
Allow from env=local_ref
</FilesMatch>
----------------------------------------

A long time this work fine.

But last 3 days, I check my log files,
I find someone use a "Counterfeit" HTTP_REFERER to download these files.

I sure these requests are not from my website, but these requests had a "Counterfeit" HTTP_REFERER like "http://www.mydomain.com/".
then Anti Leech using HTTP_REFERER is invalidate.

Who can give me some advice? I want to look for another method to protecte my files on Apache.

Thanks.

webdoctor

7:29 pm on Aug 17, 2006 (gmt 0)

files protected by "HTTP_REFERER"

This protects you (to some extent) against other sites hot-linking to your content.

This is all it does.

What sort of content (files/images/pages) is it you are trying to protect?

Do you allow all visitors to your site to access this content?

wmstlxl

2:55 pm on Aug 20, 2006 (gmt 0)

I want to these files can only be downloaded from my website's link.