This forum has been moved here:
Helicon Tech Community Forum

  Active TopicsActive Topics  Display List of Forum MembersMemberlist  HelpHelp   RegisterRegister  LoginLogin
HotlinkBlocker (Forum Locked Forum Locked)
 Helicon Tech : HotlinkBlocker
Subject Topic: product features (Topic Closed Topic Closed)
Author
Message |
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 06 October 2009 at 2:52pm  

I currently have purchased isapi rewrite. I am
considering hotlinkblocker for this purpose: I want to
prevent anyone from viewing or copying image (JPG etc)
files from my image directory. currently my rewrite maps
http://www.example.com/image-4444-12.jpg to another
correct file in my image directory with 4444 being $1 and
12 being $2. (This is great because also it shortens the
URL and I can keep the JPGs in a deep complex structure).
So now anyone anywhere can type
http://www.example.com/image-4444-12.jpg into their
browser and save and steal my image.

1) Can hotlinkblocker prevent access(stealing)? what
would the user see if they type in that URL to the
browser? But, the images would correctly be displayed in
the correct positions in the IMG tags of the HTML pages
generated by the ASP - right?
2) Can it interoperate with isapi rewrite?
3) Would I configure HLB on the true files or on the
rewite rules?
4) I have seen a rule that allows only PHP and HTML
access, would that be the same as ASP HTM and HTML?
5) Any way to prevent them from leeching text?

Thank you.

__________________
Dezok
www.beachhouse.com
Back to Top Visit dezok's Homepage
 
Anton
Admin Group


Joined: 30 January 2007
Location: Ukraine
Posts: 10519
Posted: 07 October 2009 at 5:42am  

1) Yes, it can. The user will get either 403 Forbidden or the cutsom page you indicate. IMG tags of the HTML pages generated by the ASP will be
dispayed fine on the site with HLB on it.
2) Yes, it can
3) HLB deals with virtual paths, so it doesn't matter for it what URLs to protect.
4) Could you please clarify the question
5) Yes, it's possible in the same way as images/video/etc.

Could you please tell what protection type are you thinking of using.
We recommend the LINK type as the most reliable.

__________________
Regards,
Anton
Back to Top
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 07 October 2009 at 1:16pm  

I am a bit hesitant to use LINK with the 16 'x's, it
would effect too much code and that could introduce bugs.

this is the rule:

REFERER @(?!.*\.(?:asp|html|htm|rss|php?)).*
http://www.mysite.com/leech.htm

would that work just fine?

Or should I use

REFERER /db/h/images http://www.mysite.com/leech.htm

is that cleaner?

__________________
Dezok
www.beachhouse.com
Back to Top Visit dezok's Homepage
 
Anton
Admin Group


Joined: 30 January 2007
Location: Ukraine
Posts: 10519
Posted: 08 October 2009 at 5:53am  

If you are thinking of using Referer type of protection, there's actually no need to use HotlinkBlocker.
You can do it in ISAPI_Rewrite using the following rule:

RewriteRule ^(?!.*\.(?:asp|html|htm|rss|php)).*$ http://www.mysite.com/leech.htm [NC,R=301,L]

__________________
Regards,
Anton
Back to Top
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 08 October 2009 at 12:39pm  

Aha thanks!
What would be the positive version of that rule which would
address images? jpg|gif|png|bmp
Back to Top Visit dezok's Homepage
 
Anton
Admin Group


Joined: 30 January 2007
Location: Ukraine
Posts: 10519
Posted: 09 October 2009 at 4:00am  

It will be like this:

RewriteCond %{HTTP:Host}#%{HTTP:Referer} ^([^#]+)#(?!http://\1).+
RewriteRule .*\.(?:gif|jpg|png|bmp) /block.gif [NC]

__________________
Regards,
Anton
Back to Top
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 09 October 2009 at 3:01pm  

Thank you!
That looks pretty complex, can you explain it in english (especially the RewriteCond) in case I want to modify parts.
Back to Top Visit dezok's Homepage
 
Anton
Admin Group


Joined: 30 January 2007
Location: Ukraine
Posts: 10519
Posted: 12 October 2009 at 5:01am  

Ok, the RewriteCond means: if Host and Referer headers are not obtained from the same site (which is the case with hotlinking), execute the
rule (i.e. block images).

__________________
Regards,
Anton
Back to Top
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 14 October 2009 at 4:47pm  

One more question: if I just wanted to block my /images directory would the rule be:

RewriteCond %{HTTP:Host}#%{HTTP:Referer} ^([^#]+)#(?!http://\1).+
RewriteRule /images/.*\.(?:gif|jpg|png|bmp) /block.gif [NC]

(wondering about the "/images/.*\." part, or should it be just "/images/*\." )

and to extend this some more for /images/*/c/*.jpg would it be:

RewriteRule /images/*/c/.*\.(?:gif|jpg|png|bmp) /block.gif [NC]

__________________
Dezok
www.beachhouse.com
Back to Top Visit dezok's Homepage
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 14 October 2009 at 6:50pm  

I am using this rule to test:

RewriteCond %{HTTP:Host}#%{HTTP:Referer} ^([^#]+)#(?!http://\1).+
RewriteRule /db/h/17137/c300/.*\.(?:gif|jpg|png|bmp) /logo.jpg [NC]

and it does not seem to protect:
http://www.beachhouse.com/db/h/17137/c300/pic1.jpg

__________________
Dezok
www.beachhouse.com
Back to Top Visit dezok's Homepage
 
Anton
Admin Group


Joined: 30 January 2007
Location: Ukraine
Posts: 10519
Posted: 15 October 2009 at 5:36am  

Could you please provide rewrite log records for the request to http://www.beachhouse.com/db/h/17137/c300/pic1.jpg with this config in place:

RewriteCond %{HTTP:Host}#%{HTTP:Referer} ^([^#]+)#(?!http://\1).+
RewriteRule /db/h/17137/c300/.*\.(?:gif|jpg|png|bmp) /logo.jpg [NC]

__________________
Regards,
Anton
Back to Top
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 15 October 2009 at 1:55pm  

2009-10-15 18:24:59 GET /db/h/17137/c300/pic1.jpg - - 99.26.220.233 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.2;+en-US)+AppleWebKit/532.0+(KHTML,+like+Gecko)+Chrome/3.0.195.25+Safari/532.0 - 304 213

That is the IIS log record.
Is there another log for ISAPI?

__________________
Dezok
www.beachhouse.com
Back to Top Visit dezok's Homepage
 
Anton
Admin Group


Joined: 30 January 2007
Location: Ukraine
Posts: 10519
Posted: 16 October 2009 at 9:10am  

Yes, there's ISAPI_Rewrite rewrite log. Please read our FAQ to find out
how to enable it.

__________________
Regards,
Anton
Back to Top
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 16 October 2009 at 12:27pm  

I have isapi rewrite 2.11 which does not have that directive.
Back to Top Visit dezok's Homepage
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 16 October 2009 at 12:44pm  

also, is there a newer version of v2 that I should be running.

and, if I upgrade to v3, are the rules backward compatible?

I don't have many complex rules but each of the ones I have is crucial.
Back to Top Visit dezok's Homepage
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 16 October 2009 at 2:16pm  

OK, I spent some time reviewing your products and I am considering upgrade to v3. I really cannot recall if I have the lite version or bought full v2 (I think I bought it), since I have been using it since 2005. Can you help me decide if i should buy the upgrade for $29 or the full v3 for $99?

1) It has been a while since I installed v2.11, how do I tell where the license is and what it is? Or do I just go with v2.13?

2) Is the upgrade install seamless? Or do I uninstall the v2.11 first, and how to do that?

3) I could provide you with my httpd.ini file, I would like to test it somewhere first, rather than do a hot install and then have to scramble to fix any errors.

Thank you

Back to Top Visit dezok's Homepage
 
Anton
Admin Group


Joined: 30 January 2007
Location: Ukraine
Posts: 10519
Posted: 19 October 2009 at 10:35am  

If you have Full v2 version (you may check it by pressing About button), you may buy an upgrade for $29.
To upgrade you need to uninstall v2 and install v3.
The syntax for v2 and v3 is slightly different, so I can transform your rules for v3 if you provide them.

__________________
Regards,
Anton
Back to Top
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 19 October 2009 at 1:20pm  

do you have an support email address where I can continue this discussion and send my file to you?
Back to Top Visit dezok's Homepage
 
dezok
Newbie


Joined: 08 December 2004
Location: United States
Posts: 19
Posted: 19 October 2009 at 1:26pm  

also, I did not see an about button anywhere
Back to Top Visit dezok's Homepage
 

Sorry, you can NOT post a reply.
This forum has been locked by a forum administrator.

Printable version Printable version
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot delete your posts in this forum
You cannot edit your posts in this forum
You cannot create polls in this forum
You cannot vote in polls in this forum