|
Prevent and Profit from VIDEO hotlinking.
ok heres a simple way , feel free to modify it.. if you know of any other tricks , feel free to let me know
Save the following as index.php and put it in a folder with your videos Code:
<?phpok now make a new folder in your main directory, save the following as .htaccess ( modify the url to point to the directory with your videos ) Code:
Options +FollowSymlinksNow keep in mind this doesnt actually prevent hotlinking all it does is rewrite the request to a different folder , so if you try to get http://yourserver.com/protected/video.wmv it would get the video from a different folder and write it into an html file.. the end video is still unprotected , so if someone views source of the html they can simply get the redirected movie url BUT heres what you do.. you can simply rename the folder with your protected videos then change the .htaccess file to reflect that every so often , you dont have to change any of your links as they will just be redirected to the new folder without any changes on your part synopsis. If you normally had a link like http://yourserver.com/1/video.wmv it will rewrite it as http://yourserrver.com/2/video.wmv , embed it in a page so you can add advertising , if the hotlinkers ever find where the true video resides you can simply rename the destination folder without having to change any exisiting links on your page , (i.e. you can link using http://yourserver.com/1/video.wmv and never have to change it regardless of where the real videos reside ) |
bumpooooooooooooo
|
good stuff smokey
|
ya video hotlinking you will need actual software or write your own module. cause when linking videos sometimes it sends blank refer, fake refer, or anything different with images, i pay for antihotlinking.com great software.
|
Quote:
With this method though you get the added benefit from people that "think" they are hotlinking your videos but they are actually helping you make some profit.. and it works about the same way as true anti-hotlinking methods other than you have to do a little modification every now and then to keep the clever people away |
or you could do some crazy shit with swf + php + flv + cookies + some js. :)
|
you can do similar setup to turn jpegs into jpegs on html :thumbsup
|
p.s. thehun likely wont accept a gallery using this anti-hotlink method because the script wont be able to detect if theres actual movies on the gallery ( because the requests would be handled by the php file ) ..
You could still use this method though by changing the php to redirect directly to the video instead of creating an html page to ebmed it into. This way your gallery will still get accepted.. ( you would then be just as prone to hotlinking, BUT you can change the destination video folder with one line of code instead of changing all the html files.. example if i made 200 hun galleries and each one had 4 videos on it.. like < a href=http://yoursite.com/hotlink/1-a.wmv>1</a> the real video would be in http://yoursite.com/differentfolder/1-a.wmv redirected using the htaccess , now if people started hotlinking your vids you simply change the destination folder to yoursite.com/newfolder, then change the 1 line of htaccess and you dont have to change 800 links on all the html pages.. its done with one simple edit. |
Quote:
|
cool stuff man
|
so if you wanted to get your galleries listed on the hun and cant use the above method because the script doesnt allow. then it use this.
If people start hotlinking the videos , all you have to do is rename the folder with the videos and change this one php line to reflect the new folder name , without having to change the html in the galleries Code:
<?phpp.s. you would use the same htaccess from above as well. |
Wicked info. :thumbsup
|
smokey is one of the few posters here that actually has incredible info and tips to share. Thanks Smokey!! :)
|
your last cloaking code works very well!
|
p..s. if anyone needs some help or modification feel free to hit me up on icq and i will walk you through it, its very simple , i'm not always on , but if i'm not doing anything im glad to help..
|
Quote:
|
Awesome! Where's Hal with his Flash of Fucking Brilliance award?
|
Great stuff one of the best GFY threads of 2006 ;)
|
Isn't the $_GET part bad for security?
I can pass whatever I want to the variable. |
like blah x=http://www.spywaresite.com/?.wmv
so when you add the ? it pretty much ignores the .wmv right? |
Quote:
change the abopve code to the following to be more secure Code:
<?php |
Code:
<?php |
smokey, I love that you are learning html man....you have been posting some cool shit lately with your new knowledge
I can't wait to see what you will be doing in a years time with it |
Smokey, just some info to pass along, in case you're interested.
You can look into preg_match to clean variables or test them also. Will come in especially handy if you learn regex's or know a little about them already. www.php.net/preg_match Code:
So then: page.php?test=filename.mpg would passCode:
if( !preg_match('/^([A-Z0-9\ \-]+)\.mpg$/i',$_GET['test'],$m) ) { |
Thanks for the tip man :)
|
Quote:
|
Quote:
like using you method if someone tried to introduce bad string it would fail using mine it wouldnt show bad stuff , but the page just might not work right ..? |
i did find an interesting side note though while testing bad string as input ..
if you make a page with <embed src=video></embed> with no file extension , and have a video in the directory named video.mpg , it will play fine.. starnge |
i did find an interesting side note though while testing bad string as input ..
if you make a page with <embed src=video></embed> with no file extension , and have a video in the directory named video.mpg , it will play fine.. starnge |
Quote:
REPLACE THIS: Code:
$mov = $_GET['x'];Code:
if( preg_match('/^([a-z0-9\ \-]+)\.mpg$/i',$_GET['x'],$m) ) { |
Quote:
|
but the file extension isnt passed along with the strin "x" just the filename
|
Smokey I'd love to have access to your script archive!
|
Now this a useful post ... why can't there be more like that!
Good job! |
ok heres a more secure method
the other one could be exploited by ?x=file%20onload=badstuff> ( nothing serious but just to be sure lets try this one sorry for the slopiness im new Code:
<?php |
Badass thanks Smokey
|
This code has been around for a quite a while for displaying still images in neatly formatted pages when they are called up "bare". It works just fine with type-ins or when another site provides a link to your image: then your server will redirect the request and deliver the pic up in its page. But if someone hotlinks the image itself via "img src", you will just see the usual red "x" (or nothing, depending on your browswer).
It doesn't matter how tricky you get, browser's will not allow you to deliver anything except an image if an image is what they were expecting. Whether movies present the same problem I don't know, but have you checked that? |
Quote:
Most people link to the videos.. thiw wouldn't work if you ran filecabi.net , but it would work on galleries |
Quote:
|
Quote:
For anyone who tries using that version for images, I had to alter one of the htaccess lines to get it to work, putting: Code:
RewriteRule (.*) /showpic.php?pic=protected_directory/$1Code:
RewriteRule (.*) /showpic.php?pic=$1 |
I used to host with xcite.net and Mike had a great page up with some info about protecting your videos. Not sure how relevant it will be today, but here it is.
http://www.xcite.net/resources/index.html |
| All times are GMT -7. The time now is 02:31 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123