|
Protecting the video - EXAMPLE
OK guys, here's the deal. I created a small PHP script called view.php, which I setup in the home dir of the free site.
Site URL: http://free-gaysites.com/a_cock_sucking_fiesta/porn/ view.php URL: http://free-gaysites.com/a_cock_suck.../porn/view.php Here you can find an example of the script in aciton: http://free-gaysites.com/a_cock_suck..._movies_8.html It's applied only to the last 6th movie. I put my movies in 3 dirs: /images/movies_1 /images/movies_2 /images/movies_3 In the script I configure the home dir of the movies in relation to view.php: PHP Code:
http://free-gaysites.com/a_cock_suck...06_wmv_med.wmv Now, this will download the file in the browser AND will allow even opening from the browser in Media Player or similiar application. But if you try to download everything thru a download manage (I used Flash Get, which supports cookies) you will end in endless loop that won't ever download the file. Here's the actual code of the view.php script: PHP Code:
Deny from all That will won't allow direct downloads, by just entereing the URL in the browser address bar: http://free-gaysites.com/a_cock_suck...06_wmv_med.wmv will return Error 403: Access denied (currently I don't have .htaccess setup) |
1 Attachment(s)
I went to that gallery, right mouse clicked, and downloaded the movie. What am I missing here?
|
Corret, that is working :) But you won't be able to download them all thru a download manager, which most of the foreigners that won't even dare to go to the paysite tour would do (I'm a foreigner myself, but whatever). Now if you have a super quick connection you'll be able to watch the movies peacefull without having to put them in a download list to watch them later (total size of all 18 clips is 20MB). Now the thing is that I LIKE people with quick connection - these're the surfers I actually put the content for - the ones that can browser it, like it and continue to the tour. But surfers that pass thru the page, right click and select "Download all with FlashGet" just kill me!
For example, today I have 1115 visitors on one of the site's mirrors AND ONLY 35 tour exits. My ratio unique:exit is 1:32, which drives me nuts! Another site that has only picture content of the same paysite has 703 unique vistors today and 51 exits, which makes it's ratio 1:14 - I can't stand this the picture site has better conversion than the movie site... Minding the fact that 50 full downloads of the site (meaining a surfer coming and downloading all free movies) will end in a GB burned bandwidth. Well if 1/3 of the total is doing this, means by that moment I have about 300 surfers downloading all movies - 6 GB bandwidth for who knows who?!? |
Ok I finally understand what it is you are trying to do.
Basically you are showing a way to prevent hotlinking of WMV files and site rippers. Since there is no javascript or anything like that on your page and your links are not that strange. (href="view.php?file=movies_3/clips/BTG_PBT_Daemon_06_wmv_med.wmv") I would not have a problem with this. :) At least not unless someone points something out that I missing. lol |
Btw, I was thinking the same thing about images as well. Passing them thru PHP may enable file tracking, means that you can check how many time a certain picture has been opened, which may be useful for creating big thubmanil galleries (more popular pictures, more traffic). The same thing applies to the movie files as well - I can now add some tracking code to the PHP and tell if somebody downloaded the file or not, which can be used for file ranking etc.
Comments from other people reading this thread are more than welcome. I must be sure that I won't be declined by somebody for some strange reason. |
I clicked the 6th movie thumb and IE6 opened the File Download box.
I think this could cause issue with MGP's that just want it to open media player as "normal". I don't have any special settings in that regard as far as I know. |
After clicking on the link Firefox asks me to:
1) download the file with FF 2) open with default application 3) download the file with FlashGet Options 1) and 2) work perfectly, means that sent from the browser to the player will work, which I'm 100% for most of the popular media players out there such as QuickTime, MediaPlayer and Winamp. |
Problem is that IE's download box basically tells you DONT open or save it, then gives you the option to open or save it or cancel or get more info.
I think it's a cool idea, I'm just suggesting that if a reviewer see's a movie site/gallery and they click a movie thumb and see something other than their player opening and playing it, it's problematic.. |
Wouldn't using mpegs and htaccess do the same thing?
|
Quote:
|
Is this passing your video content through php? Would that not be VERY intense for your server? Does it ramp up if 100 people are downloading videos at the same time?
Alex (in vegas...) |
What I meant was that mpegs, unlike wmv files, can be protected against hotlinking and site rippers using htaccess.
This still wouldn't prevent a user from choosing download later but to be honest I don't see that as a big enough issue to worry about. |
I think I'm going to move this to mixed galleries - both photos and videos. Something like 14 pics & 2 movies - something like that.
|
I hate to rain on your parade, but if people are smart enough, they'll just tell their download manager that it's ok to "download" .php files. Just tried it with Reget and it worked perfectly. Of course if they're smart enough to do that, then theyre probably smart enough to know that the best "free" porn is not found at link lists or TGP's. Unfortunately, if you know how and where to look you can get free ( albeit illegal ) access to just about any paysite you want. No, I will not elaborate.
|couch| |
lol
|
Re: Protecting the video - EXAMPLE
Huh, it's don't work - i just copy your links from gallery, send to another machine and download movie...
Do you think on forums will publish your movie ? Nope... Only this links: http://www.free-gaysites.com/a_cock_...05_wmv_med.wmv Just try this hotlink :) |
Hey thank you for reminding me. Hotlinking is now disabled with just a few lines and still downloading from the gallery is available, check this page for example:
http://www.free-gaysites.com/a_cock_..._movies_4.html In the mean time, my ratio today is 1:18 on 600 vistors by that moment, which is more than better, means almost 100% better ratio than yesterday. |
ClickBuster.... I am really impressed with your thinking and you sharing this!
I'll hook up a link or two to that gay domain to say thanks.. but don't hesitate to ask if you ever see anything I can do for you in the future. ;) have you found any limitations or problems with it since first posting this? Do you know if it is heavy on disc or cpu load? Don't know enough to work this out myself.. but is it using any server resources during the download period or just once off when the download is executed? |
Hey Opti!
There was a small problem with this thing, which made me drop it. The general reason for this script to be written was that the movie players are not sending ref URL, which is why people can't protect them with regular .htaccess (you probably know that is the easy way to protect picture content from hotlinking). What is good in that case is that the script WILL protect your videos from beeing hotlinked, BUT won't play them directly in the Media player. Now if you make sure that the browser won't try to open the file directly in Windows Media Player for instance and instead ask where to save the file - you're all good to go with that script. However, many link lists won't like this and you may not get listed, unless people know what you're doing there and support you :) I would suggest using the sciprt WITH an explanation text, explaining that due the site's policy blah blah blah, THE SURFER HAVE TO DOWNLOAD the movie, before watching it :) Now to make sure that your browser won't try to STREAM the movie, make sure it's not sent in application/octet-stream format, but it should be a binary format THAT the USER can't open directly (for instance, if you say that is a binary file that should be opened by JURU-MURU software, you're OK). However, there's a big chance that the BROWSER will try to open the file with a media player, BECAUSE the file extention is .wmv or .mpg for instance. So as a conclusion, the TEXT varsion, with the "First download, then watch" explanation would be your best choice. Andrew PS Don't be so impressed, it's really not a big deal :) PSS This increse your server's CPU time with a less than 1% (I can't say 0% and I can't estimate the exact number, which is very small) |
Thanks Andrew... good explantion. For my purpose that should be fine too.
Lost you on ICQ |
Clickbuster, I can see this loading up the server pretty good, especially if you have MANY people requesting files at the same time. I am sure that there is a finite limit to the number of people who can request files at the same time before your server is going to go nutty.
What would your gallery look like if you put it at the top of the hun? How long before smoke comes out of the server? redirecting folder requests to scripts is not a big issue, disgusing one file format as another that way really isn't a trick - but piping all your content through a CPU intensive code is not exactly a great situations. I think cleo is much more on it - use MPEGs... Alex |
Alex, I dropped the idea long time ago, but still, I'm quite sure it can handle a good load of traffic ;) Guessing a number, I would say it can handle at least 4000 requests performed in the same very moment on a 800mhz P3 server with 512MB RAM... However, you won't be able to perform the test, unless you really have the chance to leave the thing working for at least 1-2 hours after beeing listed on the hun :)
|
What do you guys think of what I got..
http://www.antihotlinking.com/index.php phat told me that this is the best there is and I gave them stuff I found before I got this and everytime he emailed me back and said something negitive about it what is nice is that every domin I have on my sever has a status page in real time that shows page requests that has movies on them and normal movie requests and hotlinking ones and it gives the ip of the hotlinkers all one up to the second, I think its great and all I got to do is email my host to change settings like where to send hotlinkers and there is all kinds of settings and I still need to read up on all of them.. |
Clickbuster, you are suggesting it could handle 240,000 requests a minute on that size of a server? I don't think so. I think you got about two zeros too many in there...
Plateman, are the majority of your hotlinks from one or two sources? Alex |
Rawalex as of two minutes ago I am showing 5 different ip's and traffic is dead you should see the page on a hun movie gallery or a few other tgps, I can refresh the page and see exactly whats going on and on a busy night there are many different hotlinkers I think I remember over a 100 ip's I am no ht.access wiz and this was recomended.. So I am doing the 39.00 a month till its paid for.. and I dont have to fool with it much, one person did steal a gallery and I emailed my host and they used ht.access for that..
|
plateman, 100 different IPs is pretty normal for a single hotlink source. Looking at IP addresses to determine if someone is a hotlinker isn't really a good way to do things. You could end up shutting down a major ISP because 3 or 4 people happen to hit the gallery at the same time.
I would be much more interested to see the SOURCE of the links... where are these people all coming from? I had one the other day from a japanese chatroom. On IPs, I probably got hit by 5000 different IPS in an hour. But the SOURCE of the hits was one place. One minor adjustment to a global htaccess, and they are not getting there anymore. Most people aren't just randomly typing in your address - they are coming from somewhere. Blocking that referal source is an important step to removing your hotlinking issues. Alex |
Quote:
Andrew |
Clickbuster, I never have anything about sharing - what I have is something against false hope. I am not getting on you, I am poking at the idea and saying that I don't think it will work like you are suggesting.
PHP isn't made for, isn't robust enough, and doesn't have the thruput to truly handle what you are suggesting. PHP is an interpreted language, not a compiled one, so it runs basically in a container, which has much higher overhead than cgi. Yes, it can be done the way you suggest, but I seriously doubt the scale you are talking about. Basically you will be anywhere from double to quad hitting the central bus (depending on if PHP is using disk cache during the operation), and you will be limited specifically by the amount of bus time available. Remember, processing files in this manner means READ (bus) PROCESS (bus) possibly CACHE (bus X 2) output to NIC card (bus) - plus all the underlying actual file handling going on with the OS. You could have run the same file across the bus 10 - 20 times before it gets sent out. Certain banner rotator programs use PHP to pass the banner image, and that alone is enough to grind many servers to the point of being useless. Using PHP to pass 1 meg or more per process for 4000 processes is just not very likely. I think you need to figure out how long it would take for each movie to be delivered from a server with a 10mps line (which probably passes closer to 8mps)? (or Sparky might chime in here with the calc...) My rough guess is this: 8000kbs/ 4000 users is 2kbs, which means 500 seconds per 1 meg file - and that assumes your server ain't doing anything else. Remember, it's not the person, but the ideas - I think you are a smart guy looking for a better solution - but you need think the implications through before proposing this sort of solution. Keep trying - your on sort of the right track, just using the wrong tools. Alex |
I looked at the script at the beginning of the thread -- it looks to me like you are using a cookie to prevent hotlinking of .wmv files. Preventing direct access to the file through .htaccess, requiring the file to be sent through php. One potential issue here is that if it takes more than 30 seconds to download the file, its possible that you'll exceed the max_execution_time default in php.ini and the connection would be closed prematurely. Also, since it is a php file, if your host has mod_gzip or mod_deflate configured based on file extension rather than mimetype, you'll corrupt data.
I'd have to dig through the php sources, but, I believe fpassthru uses the kernel sendfile, which, uses a zerocopy buffer on linux (not on Freebsd) -- that in itself would be almost as efficient as using pure apache. I don't know if readfile does, but, its possible. The 80% duty cycle on ethernet is a bit high, but, considering a full duplex connection, and no transmission delays, 4000 users would quite easily be 500 seconds to download, but, lets consider that 4000 users is probably atypical and that you wouldn't reach that because it would probably exceed Apache's maxclients prior to that. I think the max I have ever seen maxclients set to has been 2048 on a public webserver and is typically 512 or less. However, your method does bring one thing to mind. You mention .htaccess to protect your videos with a deny from all. This gives me two ideas, one of which replicates what I think you're trying to do, the other being a bit off the beaten path. With mod_rewrite, you do have %{HTTP_COOKIE}, so, you really could write a rule that checks for the existence of a cookie & value to make sure they can download, and that would avoid php altogether. You'd set the cookie on your page using javascript or a .php file parsed that sets the cookie. Then, apache's mod_rewrite would check for the cookie and decide to serve. This of course eliminates those people using privacy software that don't accept cookies. There is another way you could do it using php which is a bit different. If you serve the gallery, you have the IP address of the surfer (or at least the publically available address that they would be sucking the file down from anyhow). You could put the page in a directory and the videos in a subdirectory. When the page is served, you would take the current surfer's IP and append it to the end of the .htaccess in the videos subdirectory along with some timestamp so you can clean it later. If you aren't using php to serve the page that the surfer sees, and I usually dislike using dynamic pages, you could wrap an img src so that it would write the file. so you end up creating a .htaccess in your videos directory like: order deny,allow deny from all allow from 1.2.3.4 ; timestamp allow from 3.2.4.5 ; timestamp allow from 4.5.6.2 ; timestamp At this point, again, you have apache processing only your initial pageload, and then apache does the work of sending the files. Then once every few hours you clean out the .htaccess using the timestamps to expire 'old' entries. You could write a mod_rewrite that uses an external ruleset to eliminate the read-write. You really need to figure out the duty cycle for the script and how many downloads/day you're really talking about to figure out which approach will work best. If you get a Hun listing, the more processing you must do to determine how to prevent the hotlinking, the more trouble you'll end up with. |
Um, I was going to say that, but Sparky got to it first.
|confused| |
Alex, fuck the resources! Lets figure this out and we'll see what happens next and if it works we will optimize.
The problems here: a. This has to be easy to integrate b. It should allow regular surfers to open the file and to disable access for hotlink redirects c. If possible, it should open directly in the player the surfer is using The best thing that cames to my mind is to log visits on every page and check logs when it the times come to send the video. The links should point to mod_rewrite accessed script, that way it will look as a regular URL and none of the LLs would mention it and make a problem out of it as it happened a couple of times with my sites. And I think that's it the simpliest way to explain this. Let me know if you want me to go further :) Andrew |
Andrew, resources are always key to any programming discussion, as you don't have infinite cycles, infinite memory, or infinate network access at your disposal. In simple terms, you can't stuff 10 pounds of shit into a 5 pound bag. You have to be EXTREMELY careful to avoid making your system vunerable by making it work too hard or handle too much.
You also don't want to use something that is remote user dependant. Cookies are being declined more and more by end users, which means you could end up refusing more and more valid surfers. Have you considered putting your videos in a directory that in NOT accessable from the outside at all (not in the domain, but in a seperate folder somewhere on the machine) using htaccess to redirect all regular requests of a small cgi to check refering page and such? That cgi could then serve the file transparently, and it would never be accessable from the outside (no direct link except through the CGI). You could probably do the same in PHP, but it would be way less effecient, I suspect. Alex |
Quote:
To make sure no one can view the video without having viewed your site first.. When the video file is requested, create a sym link on the fly, probably an md5 hash of their IP and browser agent. Then just delete all symlinks every hour or day or whatever period to suit the situation. (that's a simplified description but hopefully you see where I am coming from and know if it's feasible) PS.. you guys should be careful Under-Estimating young Andrew.. you might be surprised to find out what and who he has been employed to code for in the past. ;-) *edit: Quote:
|
I would probably suggest you do that with the hidden directory -- that way, you're not creating 6 symlinks for each pageload.
Workable, yes. Another possibility is generating a hash on the fly that would be verified by some filter module -- of course, hosting this on a server where you can't install a module might be a bit difficult. But, if you display the page with some hash in the filename, your filter module could determine if the hash was valid and serve the file. You MIGHT be able to do this in mod_rewrite with some creative regexp's that look for a particular key. Many many ways to do it. The question is, which way uses the fewest resources and will hold up to real-world exposure. |
Ideas everywhere... so who is going to code the "perfect" solution for the rest of us?
If 20 of us that want to use this all throw in 10 bucks each.. $200 should buy a good coder's time to put it together and test it properly. Give it away but code it to redirect hotlinkers to an a fixed page (or load a video advert) which the webmaster can't alter... unless they register for a "licence key" here at GGandJim. The people who contribute cash for the coding own a share of the default surfer messages... and the board gets the viral marketing effect for webmaster traffic. |
Ah... I dream for the days when Im actually going to pay somebody to code for me...
|
Quote:
http://www.antihotlinking.com/ Installs on Apache in about 5 minutes, doesn't use cookies, no php, doesn't seem to put a big load on the server, although I'll admit that I only push an average of 1.5Mbps with the occasional bursts to around 6Mbps. Run a script to install the software, make a few edits in your apache config, restart apache and you're done. It's a set-and-forget type of deal. There might be better solutions if you're not limited to following TGP/Linklist rules, but if you're a submitter that needs to protect movies this product is money well spent. |
Quote:
|
Quote:
Thanks for the info Airdick... $300 per domain makes it sound like my 200 dollar estimate for a coders time may have been low huh :D They do sound like they have pretty much exactly what we would want though! (they pay a 20% commission for refferals http://www.antihotlinking.com/resellers.php .. you signed up for that Airdick?) |
Quote:
I'm not signed up for the affiliate program and it looks either resellers charge a higher price ($249) or the reseller page hasn't been updated. |
| All times are GMT -4. The time now is 09:46 PM. |
Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
© Greenguy Marketing Inc