Results 1 to 11 of 11
  1. #1

    Prevent hotlinking...

    Hi I have a problem with people hotlinking my files. People are able to get the real URL by using a download manager. Currently I just use a PHP script and redirect by using a header. However, people then take the real URL from their download manager and post it up for other people to use.

    I've been trying to come up with hotlinking solutions for a while now but my question is, is there any way I can prevent people from being able to see the real URL or encrypt it in some way?

    Or if not, is there a way I can combine htaccess/htpasswd so that I can read in a username/password to authenticate? I want to let the person login automatically through a PHP script without having to type in a username/password or having any login popup boxes (the username/password is authenticated beforehand). Thanks if any of you can help me on this problem! Been thinking of ways to handle but still cant figure it out.

    I've already tried to put the files in root and using readfile() unfortunately that doesn't allow resuming and it allows only one connection. I have hosted large AVI files so this poses a problem for those who may get suddenly disconnected. I also tried to chmod(), 0644, then use a header to get the file then chmod(), 0000 back but that posed a few problems as well.

  2. #2
    Join Date
    Mar 2004
    In the download.php?id=3 do a check on top of page if the requeting document is from ur site..

    if not then redirect them to the main page..

    Simple and easy..

    use the referral url

    Testing 1.. Testing 1..2.. Testing 1..2..3...

  3. #3
    Join Date
    Sep 2003
    Or redirecting them to somewhere else, make em pay
    Question: What is your disaster recovery plan?
    Answer: Oh my god this couldn't have happened at a worse time!

  4. #4
    OK I don't want to use HTTP_REFERER at all, since that is a very unreliable variable. The thing is people can figure out the actual URL to the file and just hotlink from there. I just have something like

    So they just use that link and download. However the download managers display the real URL since the file does do a redirect.

  5. #5
    Join Date
    Mar 2004
    The trick is to read the file with php, and then passthru() it, using other header() commands too.

  6. #6
    Join Date
    May 2004
    yes. this is sort of like streaming a file.

  7. #7
    OK well the description is vague to me so I don't know where to start???

  8. #8
    Join Date
    Mar 2004

    Read the comments

  9. #9
    ok that really did not help me at all. I did read all of it anyway though.

  10. #10
    Sorry actually that did helped to hide the URL at least from what I tested through DAP (Download Accelerator Plus). Thank you very much for the information!

  11. #11
    actually nevermind...triple post...but it didn't work out i must have been high.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts