Hotlinking Script 100% Fullproof(!?!)
 

Hey,

I think I may have found the solution to hotlinking files. Hopefully saving you guys loads of money from bandwidth.

What I need to do, however, is test it first. I want to make sure that nobody can download my file.

The test file is:
http://www.cj-design.com/downloads/h...hitcounter.zip

(you could try any file on my site, but this one is the smallest in KB's)

OK, try as many methods as you can to download this file - WITHOUT GOING THROUGH MY WEBSITE!

The leech file is here:
http://www.cj-design.com/leechers.php

It will keep a record of how many times the file has tried to be leeched.

I must stress that this method of hotlinking requires no php/cgi programming although a php script will allow for the set up of the file.

If you can manage to leech the file, please post:

1) how you did it
2) where you leeched it from
3) how crap you think my attempt was

Now get leeching!

P.S for the people who struggle with HTML, to insert it into your webpage use this code:

just to let everyone know;

the 'script' will protect any type of file: jpg, gif, zip, mpg, avi, mov, asf, wmv, wmf, rm, ram you name it.

Also, what would be the price you would pay to stop people taking your expensive bandwidth? - should this script be free? :)

Depends on the amount of work you put into it, and more importantly, what you think it's worth.

Thanks for the question son.

I put alot of work into it, researching apache mainly - thats the only downside of this script incidently, it will not work on windows.

I think it is worth a few dollars put it that way. If you look at the prices of anti-leech scripts out there - they cost quite a bit (the decent ones anyway)

So are you gonna carry on paying bandwidth overflow charges or pay a one off price for this beauty?

name your price - webmaster?cj-design.com (change ? to @)

looks good :)

Anyone have a Script for a windows box?

I was successfully able to download and unzip the file using flashget.

http://www.amazesoft.com/

Doh!

Ok, so its not 100% fullproof then! I cant see a way of getting around flashnet.

The easiest trick to fool hotlink solutions is to have a small script
that leeches the files and writes a fake referrer in the request header.

DynaMite

Did you try that method on my script? I don't think it would work :glugglug

bump - does anyone actually post on GFY anymore for the purpose it was created?

It's not really possible to stop 100% of leeching - the aim is to stop 99.9% of it :)

It's a piece of piss to set up a curl request with the referer and user agent faked - the web server cannot tell the difference from a real surfer.

However, you just want to stop a massive bandwidth hit from having tons of joe surfers looking at it ..

This solution looks pretty good:

http://www.serverwatch.com/tutorials...le.php/1132731

Doesnt use rewrite but looks effectively the same. Just put a .htaccess with 'Allow from All' in it, for the dirs you want to leave hotlinkable, and modify the extensions to include the file types you want to protect.

If you want to stop people from sucking 2 gigs of content from your paysite, that's another story - the way I would go at it would be to pipe logs to a process that can analyse activity on the fly .. then set it to watch for suspicious activity that indicates leeching; then kill the account or 'Deny from' the IP of the leecher.

OR, set the document root to be a PHP script that can handle content negotiation.

Hey James!

I post on GFY for good purpose...lots of fun-loving clowns like to turn posts into a circus though...keeps things lively

:winkwink:

James has done some custom work for our sites and the stuff he wrote for us has worked like a charm...very pleased. He wrote a script for us that we were quoted a week or more to create by other programmers and as much as $15,000 (only the good lord knows why we were given a quote that high)...we caught James at a good time and he knocked it out of the ballpark in 5 hours for a price so reasonable I will not repeat it here.

He has since done quite a bit of work for us and we're thoroughly pleased with his skills and creativity. And he's extremely easy to work with - very personable. I know there's a lot of great programmers who frequent GFY...we have never worked with anyone but James and he is top-notch in our book.

Thanks for the support! :GFYBand

wortha bump

how does directnic.com do it with their free hosting?

I downloaded the file with no problems using mozilla.

Post is over a year old :1orglaugh

:1orglaugh
I didnt noticed until you said it.