GoFuckYourself.com - Adult Webmaster Forum - View Single Post - ANTI-HOTLINKING tutorial

Big E · 02-19-2009, 10:54 AM

You do realize that you can access the videos directly (bypassing the PHP scripts):

http://www.yoursite.com/protected/secret/video1.wmv
etc.

And you do realize that all the redirections will reveal the "secret" directory, right?

It would take someone reasonably technical about 7 seconds to figure this all out, and then they would hot link directly to the "secret" videos and you'd continue on thinking you're "protected". (sigh)

One suggestion - you could serve up the thumbs/videos through the PHP script, but that's got its own problems.

You need to look into a token system that's built into Apache -- *not* PHP, which only protects HTML/PHP files, does not protect content. Note: this does not require any special software to do.

(hint: mod_rewrite and cookies)

02-19-2009, 10:54 AM
Big E Registered User Industry Role: Join Date: Mar 2002 Location: San Diego, CA Posts: 935	You do realize that you can access the videos directly (bypassing the PHP scripts): http://www.yoursite.com/protected/secret/video1.wmv etc. And you do realize that all the redirections will reveal the "secret" directory, right? It would take someone reasonably technical about 7 seconds to figure this all out, and then they would hot link directly to the "secret" videos and you'd continue on thinking you're "protected". (sigh) One suggestion - you could serve up the thumbs/videos through the PHP script, but that's got its own problems. You need to look into a token system that's built into Apache -- not PHP, which only protects HTML/PHP files, does not protect content. Note: this does not require any special software to do. (hint: mod_rewrite and cookies)