Protecting the video - EXAMPLE

[ClickBuster]

OK guys, here's the deal. I created a small PHP script called view.php, which I setup in the home dir of the free site.

Site URL:
http://free-gaysites.com/a_cock_sucking_fiesta/porn/

view.php URL:
http://free-gaysites.com/a_cock_suck.../porn/view.php

Here you can find an example of the script in aciton:
http://free-gaysites.com/a_cock_suck..._movies_8.html

It's applied only to the last 6th movie.

I put my movies in 3 dirs:
/images/movies_1
/images/movies_2
/images/movies_3

In the script I configure the home dir of the movies in relation to view.php:

PHP Code:

  $movies_path = "images/"; 


I load a file using the view.php with the $file variable pointing to the movie file:

http://free-gaysites.com/a_cock_suck...06_wmv_med.wmv

Now, this will download the file in the browser AND will allow even opening from the browser in Media Player or similiar application. But if you try to download everything thru a download manage (I used Flash Get, which supports cookies) you will end in endless loop that won't ever download the file. Here's the actual code of the view.php script:

PHP Code:

<?php
    // Home directory
    // It's important that the video file is protected as it's full path is a combination of the 
    // $movies_path and $file variables, otherwise the PHP script can be hacked
    // and allow people to read files they should have access to - password files, configuration 
    //files/scripts, etc.
  
    $movies_path = "images/"; 
  
    if ( !isset($_COOKIE[get_movie]  )) {
        setcookie("get_movie", 1);
        header("Location: view.php?file=$file");
        exit;
    }
  
    $file = $movies_path.$file;
    
    if ( is_file ( $file ) && isset($_COOKIE[get_movie]) ){
        header("Content-type: application/octet-stream");
        header("Content-Length: ".filesize($file));
        header("Content-Disposition: attachment; filename=$file");
        header("Content-transfer-encoding: none\n");
        readfile($file);
    } else {
        echo "Error 404: file not found";
    }
?>

Now the last thing to do is to protect your movies from beeing downloaded directly. Just a simple .htaccess file in the dir of the files containing the following line:

Deny from all

That will won't allow direct downloads, by just entereing the URL in the browser address bar:

http://free-gaysites.com/a_cock_suck...06_wmv_med.wmv

will return Error 403: Access denied (currently I don't have .htaccess setup)

[Cleo]

I went to that gallery, right mouse clicked, and downloaded the movie. What am I missing here?

[ClickBuster]

Corret, that is working But you won't be able to download them all thru a download manager, which most of the foreigners that won't even dare to go to the paysite tour would do (I'm a foreigner myself, but whatever). Now if you have a super quick connection you'll be able to watch the movies peacefull without having to put them in a download list to watch them later (total size of all 18 clips is 20MB). Now the thing is that I LIKE people with quick connection - these're the surfers I actually put the content for - the ones that can browser it, like it and continue to the tour. But surfers that pass thru the page, right click and select "Download all with FlashGet" just kill me!

For example, today I have 1115 visitors on one of the site's mirrors AND ONLY 35 tour exits. My ratio unique:exit is 1:32, which drives me nuts! Another site that has only picture content of the same paysite has 703 unique vistors today and 51 exits, which makes it's ratio 1:14 - I can't stand this the picture site has better conversion than the movie site...

Minding the fact that 50 full downloads of the site (meaining a surfer coming and downloading all free movies) will end in a GB burned bandwidth. Well if 1/3 of the total is doing this, means by that moment I have about 300 surfers downloading all movies - 6 GB bandwidth for who knows who?!?

[Cleo]

Ok I finally understand what it is you are trying to do.

Basically you are showing a way to prevent hotlinking of WMV files and site rippers.

Since there is no javascript or anything like that on your page and your links are not that strange. (href="view.php?file=movies_3/clips/BTG_PBT_Daemon_06_wmv_med.wmv") I would not have a problem with this.

At least not unless someone points something out that I missing. lol

[ClickBuster]

Btw, I was thinking the same thing about images as well. Passing them thru PHP may enable file tracking, means that you can check how many time a certain picture has been opened, which may be useful for creating big thubmanil galleries (more popular pictures, more traffic). The same thing applies to the movie files as well - I can now add some tracking code to the PHP and tell if somebody downloaded the file or not, which can be used for file ranking etc.

Comments from other people reading this thread are more than welcome. I must be sure that I won't be declined by somebody for some strange reason.

[Porn Meister]

I clicked the 6th movie thumb and IE6 opened the File Download box.
I think this could cause issue with MGP's that just want it to open media player as "normal".
I don't have any special settings in that regard as far as I know.

[ClickBuster]

After clicking on the link Firefox asks me to:

1) download the file with FF
2) open with default application
3) download the file with FlashGet

Options 1) and 2) work perfectly, means that sent from the browser to the player will work, which I'm 100% for most of the popular media players out there such as QuickTime, MediaPlayer and Winamp.

[Porn Meister]

Problem is that IE's download box basically tells you DONT open or save it, then gives you the option to open or save it or cancel or get more info.

I think it's a cool idea, I'm just suggesting that if a reviewer see's a movie site/gallery and they click a movie thumb and see something other than their player opening and playing it, it's problematic..

[Cleo]

Wouldn't using mpegs and htaccess do the same thing?

[ClickBuster]

Quote:

Originally posted by Cleo
Wouldn't using mpegs and htaccess do the same thing?

I'm not sure if I understand your question, but if you're asking for the file format - well that doesn't matter at all. It will work the same way with ANY file format. I use WMV because from the 6 file formats and movie sizes this is the one that suits me best - best quality:size ratio.

[RawAlex]

Is this passing your video content through php? Would that not be VERY intense for your server? Does it ramp up if 100 people are downloading videos at the same time?

Alex (in vegas...)

[Cleo]

What I meant was that mpegs, unlike wmv files, can be protected against hotlinking and site rippers using htaccess.

This still wouldn't prevent a user from choosing download later but to be honest I don't see that as a big enough issue to worry about.

[ClickBuster]

I think I'm going to move this to mixed galleries - both photos and videos. Something like 14 pics & 2 movies - something like that.

[Justin]

I hate to rain on your parade, but if people are smart enough, they'll just tell their download manager that it's ok to "download" .php files. Just tried it with Reget and it worked perfectly. Of course if they're smart enough to do that, then theyre probably smart enough to know that the best "free" porn is not found at link lists or TGP's. Unfortunately, if you know how and where to look you can get free ( albeit illegal ) access to just about any paysite you want. No, I will not elaborate.

[ClickBuster]

lol

[mila]

Huh, it's don't work - i just copy your links from gallery, send to another machine and download movie...
Do you think on forums will publish your movie ?
Nope... Only this links:
http://www.free-gaysites.com/a_cock_...05_wmv_med.wmv

Just try this hotlink

[ClickBuster]

Hey thank you for reminding me. Hotlinking is now disabled with just a few lines and still downloading from the gallery is available, check this page for example:

http://www.free-gaysites.com/a_cock_..._movies_4.html

In the mean time, my ratio today is 1:18 on 600 vistors by that moment, which is more than better, means almost 100% better ratio than yesterday.

[Opti]

ClickBuster.... I am really impressed with your thinking and you sharing this!

I'll hook up a link or two to that gay domain to say thanks.. but don't hesitate to ask if you ever see anything I can do for you in the future.

have you found any limitations or problems with it since first posting this?

Do you know if it is heavy on disc or cpu load? Don't know enough to work this out myself.. but is it using any server resources during the download period or just once off when the download is executed?

[ClickBuster]

Hey Opti!

There was a small problem with this thing, which made me drop it. The general reason for this script to be written was that the movie players are not sending ref URL, which is why people can't protect them with regular .htaccess (you probably know that is the easy way to protect picture content from hotlinking).

What is good in that case is that the script WILL protect your videos from beeing hotlinked, BUT won't play them directly in the Media player. Now if you make sure that the browser won't try to open the file directly in Windows Media Player for instance and instead ask where to save the file - you're all good to go with that script. However, many link lists won't like this and you may not get listed, unless people know what you're doing there and support you

I would suggest using the sciprt WITH an explanation text, explaining that due the site's policy blah blah blah, THE SURFER HAVE TO DOWNLOAD the movie, before watching it

Now to make sure that your browser won't try to STREAM the movie, make sure it's not sent in application/octet-stream format, but it should be a binary format THAT the USER can't open directly (for instance, if you say that is a binary file that should be opened by JURU-MURU software, you're OK). However, there's a big chance that the BROWSER will try to open the file with a media player, BECAUSE the file extention is .wmv or .mpg for instance. So as a conclusion, the TEXT varsion, with the "First download, then watch" explanation would be your best choice.

Andrew

PS
Don't be so impressed, it's really not a big deal

PSS
This increse your server's CPU time with a less than 1% (I can't say 0% and I can't estimate the exact number, which is very small)

[Opti]

Thanks Andrew... good explantion. For my purpose that should be fine too.

Lost you on ICQ

[RawAlex]

Clickbuster, I can see this loading up the server pretty good, especially if you have MANY people requesting files at the same time. I am sure that there is a finite limit to the number of people who can request files at the same time before your server is going to go nutty.

What would your gallery look like if you put it at the top of the hun? How long before smoke comes out of the server?

redirecting folder requests to scripts is not a big issue, disgusing one file format as another that way really isn't a trick - but piping all your content through a CPU intensive code is not exactly a great situations.

I think cleo is much more on it - use MPEGs...

Alex

[ClickBuster]

Alex, I dropped the idea long time ago, but still, I'm quite sure it can handle a good load of traffic Guessing a number, I would say it can handle at least 4000 requests performed in the same very moment on a 800mhz P3 server with 512MB RAM... However, you won't be able to perform the test, unless you really have the chance to leave the thing working for at least 1-2 hours after beeing listed on the hun

[plateman]

What do you guys think of what I got..

http://www.antihotlinking.com/index.php

phat told me that this is the best there is and I gave them stuff I found before I got this and everytime he emailed me back and said something negitive about it what is nice is that every domin I have on my sever has a status page in real time that shows page requests that has movies on them and normal movie requests and hotlinking ones and it gives the ip of the hotlinkers all one up to the second, I think its great and all I got to do is email my host to change settings like where to send hotlinkers and there is all kinds of settings and I still need to read up on all of them..

[RawAlex]

Clickbuster, you are suggesting it could handle 240,000 requests a minute on that size of a server? I don't think so. I think you got about two zeros too many in there...

Plateman, are the majority of your hotlinks from one or two sources?

Alex

[plateman]

Rawalex as of two minutes ago I am showing 5 different ip's and traffic is dead you should see the page on a hun movie gallery or a few other tgps, I can refresh the page and see exactly whats going on and on a busy night there are many different hotlinkers I think I remember over a 100 ip's I am no ht.access wiz and this was recomended.. So I am doing the 39.00 a month till its paid for.. and I dont have to fool with it much, one person did steal a gallery and I emailed my host and they used ht.access for that..