protecting a file by referer

[sambobo]

I need to protect a particular file from being downloaded except from a particular page. I tried to do this by using .htaccess:



SetEnvIfNoCase referer http://foobar.com good_referer=1

...

allow from good_referer=1



(syntax is not exact but you get the idea)



This seems to work fine with netscape, but with IE the file is not accessible even from the correct referring page.



1. Is there a reason why this should be?

2. Is there an alternative way to do it?



In particular, at the moment I use an (ugly) perl solution: I copy the files to a temporary directory with a random name - file47483973589.txt for example, and then link to these rather than the original. This means they are accessible but hard to guess, and regular deleting of old temp files should keep things tidy. I would like to use symbolic links instead of copies, but when I tried this, apache wouldn't let the files be downloaded - I guess it wouldn't follow the symlink. If anyone can suggest how I might make this work, I'd be grateful too.



cheers

dave hj

More Information:

1. In the event that a pro tries to hack in by spoofing the http referer header, does it do any good to rename the wordpress installation file to something
2. Use the following form to create the code to place into your htaccess file to stop people hotlinking your images/files
3. The exact file extension to use depends on your web server
4. Referrer bouncer uses one php file that checks incoming referrers
5. htaccess file below prevent a password (which was set with the WebPassword
6. At best, it will only render your log files useless
7. They operate like this: Let's say you have some mp3 files on a server, and SOMEWHERE on the web there is a link to that mp3 file's location

More:

• how to start apache at boot time in LInux
• Apache cannot load libphp4.so
• HTTP Authentication
• Adding modules to Apache
• Virtual Domain Problem
• Apache log files
• Midi files does�nt work!
• Welcome to the Apache Forums
• SSL for Apache ( Windows OS )
• Apache Mod SSL

[Golden Dragon]

Be careful with referrer variables, some browsers (such as Opera I believe) do not send referrer variables to the server when making a request.

More Information:

1. n for Wordpress to deal with referrer spam Filed under: Plugin Testing — Tom Referrer Bouncer by Simple Thoughts seems to be a well done and [
2. htaccess is an attempt to protect the files from being linked from other sites (link stealing), which is different
3. Server technology and file type independent protection makes HotlinkBlocker absolutely transparent to your site's applications
4. When the player requests the file, it sends the token back to your server
5. 9 posts - 8 authors - Last post: May 3For me, this is a way of password-protecting files which I find very convenient for my purposes
6. However, you will need to make an additional modification to the 2nd PHP file to protect yourself

[ZDZVhVPfF]

can someone help me with this script cuz i really need it for my server, i have alot of realmedia files and lots of ppl are leeching them, i want to be able to use this script so that only my site and a few others can access the files, thanks for any help you can provide

More Information:

1. Free download disable referrer on safari Files at Software Informer - Apple Software Update is an application that helps us find the latest updates and drivers for our programs or applications by Apple, for
2. zip files, just put them in that special folder and add the zip extension to the FilesMatch line -
3. So if I am, for example, going from page_A to a password-protected page_B, the referer address will be the
4. Ability to backup the original HTML files before protection so that you can always recover them at any time later
5. The only way to "secure" the file is to password protect the directory
6. The htaccess file is just one way of protecting your website
7. CustomLog "/private/var/log/httpd/access_log" common # # If you would like to have agent and referer logfiles, uncomment the # following directives
8. Protect ANY downloadable file ANYWHERE in your WordPress domain - Yep, ANYWHERE! If your WordPress is loaded at www
9. A lot of hotlink protection code simply sends one type of file no matter what, but many browsers will not handle this properly, and the above method provides
10. Referer header value is verified for specified file types, i