prevent hotlink and direct access with exceptions

Forum Moderators: phranque

Message Too Old, No Replies

prevent hotlink and direct access with exceptions

g3nti

12:46 pm on Feb 27, 2007 (gmt 0)

Hi all, i'm new here, sorry for probably double posting ( and for my english )
I'm trying to use .htaccess to preserve my .asx files from direct access and hotlinking, except for my domain ( where i stream them using al html embedded player )

now i'm using this .htaccess file ( created by a generator )


RewriteEngine on
RewriteCond %{HTTP_REFERER}!^http(s)?://(www\.)?domain.com [NC]
RewriteCond %{HTTP_REFERER}!^http(s)?://(www\.)?domain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER}!^http(s)?://(www\.)?ip_address [NC]
RewriteCond %{HTTP_REFERER}!^http(s)?://(www\.)?ip_address/.*$[NC]
RewriteRule \.(asx)$ - [NC,F,L]

where domain.com is the website domain and ip_address is te address of the webserver where .asx files are stored.

Now, hotlinking of my .asx file is disabled on my domain.com too, and direct access to the .asx file is enabled.

How to grant hotlink and direct access to the .asx file just from my domain?

Regards,
g3nti

jdMorgan

2:06 pm on Feb 27, 2007 (gmt 0)

Most media players *do not* provide an HTTP_REFERER header, so the entire basis of this method is flawed.

You can either use a cookies-based script to serve your protected content, or use dynamic URLs for the protected content -- give each visitor a different URL for each file, so that the content cannot be linked-to or directly accessed except for a short period of time.

Both approaches are somewhat complex and involve server-side scripting, so only you can decide if this is worthwhile.

We've got quite a few previous discussions of protecting media files from theft and hotlinking here, if you want to use the site search [webmasterworld.com] to look for them.

Jim