How to protect material&bandwidth from cheaters/stolen ?

viktor · 2005-05-04, 01:46 AM

I just registered here because I'm interested in a similar topic.

However, if I understand correctly, this method is very easy to circumvent. You are essentially having the server check the REFERER as it is sent by the client. The problem is that the client can send whatever they want, even one of your "valid" REFERER values. Google for spoofing referer [sic] and you will break this kind of "security" in 5 minutes.

wankmaster · 2005-05-17, 04:02 PM

Tho you can spoof the referer not many people will bother. Most hotlinking is via an URL posed to a BBS.

Anyway .htaccess won't protect video content as windows media player sends a blank referrer, and most .htaccess files allow a blank referrer, so no help there. Given that video is most costly in bandwidth that's what you need to protect.

I came accross a similar thread in anther forum, people getting very hot under the collar about all the bandwidth stealing. Having been the victim of hotlinking myself I wrote a little script to stop it, and offered it to all those who were complaining about it.

How many people used my script?

0

At the end of the day it was all hot air. People like to vent about it, but can't be assed to even install a simple script to stop it.

On the slim chance that anyone is serious about wanting to stop bandwidth theft here's the link

http://www.10minutetgp.com/nohotlink2/index.htm

It's free. I don't want any payment, just a few hits or favors or a linkback if you use it and feel you'd like to return something. But I'm guessing no one will bother, and I'll see this same discussion over and over again.

At the end of the day unless it becomes a REAL problem my advice is to ignore it, it soon goes away.

2005-05-04, 01:46 AM	#1
viktor Internet! Is that thing still around? Join Date: May 2005 Posts: 2	Not so sure... I just registered here because I'm interested in a similar topic. However, if I understand correctly, this method is very easy to circumvent. You are essentially having the server check the REFERER as it is sent by the client. The problem is that the client can send whatever they want, even one of your "valid" REFERER values. Google for spoofing referer [sic] and you will break this kind of "security" in 5 minutes.

2005-05-17, 04:02 PM	#2
wankmaster Just because I don't care doesn't mean I don't understand! Join Date: May 2005 Posts: 96	Tho you can spoof the referer not many people will bother. Most hotlinking is via an URL posed to a BBS. Anyway .htaccess won't protect video content as windows media player sends a blank referrer, and most .htaccess files allow a blank referrer, so no help there. Given that video is most costly in bandwidth that's what you need to protect. I came accross a similar thread in anther forum, people getting very hot under the collar about all the bandwidth stealing. Having been the victim of hotlinking myself I wrote a little script to stop it, and offered it to all those who were complaining about it. How many people used my script? 0 At the end of the day it was all hot air. People like to vent about it, but can't be assed to even install a simple script to stop it. On the slim chance that anyone is serious about wanting to stop bandwidth theft here's the link http://www.10minutetgp.com/nohotlink2/index.htm It's free. I don't want any payment, just a few hits or favors or a linkback if you use it and feel you'd like to return something. But I'm guessing no one will bother, and I'll see this same discussion over and over again. At the end of the day unless it becomes a REAL problem my advice is to ignore it, it soon goes away.