protect your files from download

Forum Moderators: phranque

Message Too Old, No Replies

protect your files from download

disable the ability to view files

elanio

11:12 pm on Oct 8, 2009 (gmt 0)

I am trying to find out if it's possible to disable/prevent the end user from downloading files off your server through .htaccess.

Ex:

end user navigates to my website at: http://www.example.com/video

on the video page, end user is watching an .mp4 video. right clicking on it and selecting save as source and he is able to download/save the file.

How can this be prevented?

alternatively, if he/she is to view the code ('src="com/mp4/video.mp4"') and plugs that into the URL at the end:

http://www.example.com/video/com/mp4/video.mp4

the prompt does not happen nor are they able to view the video.

Hope that is clear enough.

thanks!

caribguy

12:39 am on Oct 9, 2009 (gmt 0)

You can hide the ability somewhat, but a determined visitor will always be capable to get to your content.

Things you might want to look into include checking for a cookie or session hash, time-based urls, referrers, user agents, the user's ip address and other parts of the request that make it possible for you to uniquely identify a whether a request for your video is legitimate (i.e. in the right context).

The combination of these factors can make it more difficult for a casual visitor to access your video directly. Realize though that they could always capture the stream while the video is being watched :)

elanio

4:00 pm on Oct 13, 2009 (gmt 0)

So will .htaccess hot-linking etc.. have the ability to deter people from being able to save as when right clicking a source?

I know that it is virtually impossible to prevent someone, but I was looking more for a quick easy solution that will at least 'delay' people from saving.

caribguy

4:00 am on Oct 14, 2009 (gmt 0)

mp4 is a wrapper for other formats, so I can't tell whether it would be - as an example - possible to embed the video in a player. Also, your options will vary depending on the protocol that you use to transfer/stream the content (e.g. http / mms / rtsp).

Even if you prevent right-click downloads, the user might press ctrl-u and look at your source code to find the url...

Hot-linking is a slightly different matter. There are a lot of threads about it on WebmasterWorld.

"Quick & Easy" isn't really possible, user jdMorgan makes some very good points at the bottom of this thread about image hotlinking: [webmasterworld.com...]