This forum has been moved here:
Helicon Tech Community Forum

  Active TopicsActive Topics  Display List of Forum MembersMemberlist  HelpHelp   RegisterRegister  LoginLogin
HotlinkBlocker (Forum Locked Forum Locked)
 Helicon Tech : HotlinkBlocker
Subject Topic: referer also blocks current domain (Topic Closed Topic Closed)
Author
Message |
bayleaf
Newbie


Joined: 06 December 2006
Location: Canada
Posts: 3
Posted: 06 December 2006 at 5:44pm  

hello,i'm testing the registered version of hotlinkblocker on our client's server. i tested the demo version on our dev and staging server and it worked exactly as expected (using the referer method).our sys admin installed it on the live server. i created a test folder called 'isapi' and stuck an image in there to see if i could load it from another website. i was unable to load any file in the folder - the isapi filter appears to be blocking the entire folder even though it's on the same domain. (as soon as i removed the /isapi from the protected files list i was able to access the folder again)i'm going to paste in the text config file below. please note that all the white list domains are aliases for domain.com. thanks,dannyhere's what the config text file looks like:
##################################################HotlinkBlocker Configuration file
# Version 1, 3, 0, 51
Signature=6a75a904-19ce-43d1-a223-24e4edcf30bc
LinkExpires=1800
NotifyOrder=MEDIUM
[Protect]
REFERER    /isapi
[ReferersBlackList]
[ReferersWhiteList]
http://somesite.com
http://www.somesite.com
http://somesite.com
http://www.somesite.com
[UserAgentsBlackList]
[UserAgentsWhiteList]


Edited by Yaroslav - 27 March 2007 at 6:03am
Back to Top
 
Yaroslav
Admin Group


Joined: 15 August 2002
Posts: 6520
Posted: 07 December 2006 at 4:26am  

Please show me the page with the test link and direct link to the test file. With referer protection method by default empty referrer requests are not allowed. Possible in your situatuion HTTP referer header is empty.
I need to see the problem in action to tell more.

__________________
Yaroslav Govorunov,
Helicon Tech
Back to Top Visit Yaroslav's Homepage
 
bayleaf
Newbie


Joined: 06 December 2006
Location: Canada
Posts: 3
Posted: 07 December 2006 at 10:58am  

http://somesite.com/isapi/inside the folder you'd find:default.cfm get DecTestPhoto.jpg readme.txt i'm testing using IE6 and Firefox 1.5.0.8 both of which submit the referer header fine - i've tested with a proxy and will paste the results below.with even bester regards,danny
GET /isapi/
HTTP/1.1
Host: somesite.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0 .9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300Cookie: __utma=190403133.1475926688.1165274336.1165428869.1165445026 .3; __utmz=190403133.1165445026.3.4.utmccn=(organic)|utmcsr=sear ch|utmctr=getdecorating|utmcmd=organic; __utmc=190403133; CFID=10705468; CFTOKEN=908ac07a09d392ee%2D59067639%2D9929%2DEBE4%2D50D59CF6 1CCF605D; JSESSIONID=dc303b86d3b55b5d576dCache-Control: max-age=0
RESPONSE:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>The page cannot be found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252"><STYLE type="text/css">� BODY { font: 8pt/12pt verdana }� H1 { font: 13pt/15pt verdana }� H2 { font: 8pt/12pt verdana }� A:link { color: red }� A:visited { color: maroon }</STYLE></HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD><h1>The page cannot be found</h1>The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.<hr><p>Please try the following:</p><ul><li>Make sure that the Web site address displayed in the address bar of your browser is spelled and formatted correctly.</li><li>If you reached this page by clicking a link, contact�the Web site administrator to alert them that the link is incorrectly formatted.</li><li>Click the <a href="javascript:history.back(1)">Back</a> button to try another link.</li></ul><h2>HTTP Error 404 - File or directory not found.<br>Internet Information Services (IIS)</h2><hr><p>Technical Information (for support personnel)</p><ul><li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Micros oft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>404</b>.</li><li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),�and search for topics titled <b>Web Site Setup</b>, <b>Common Administrative Tasks</b>, and <b>About Custom Error Messages</b>.</li></ul> </TD></TR></TABLE></BODY></HTML&g t;


Edited by Lexey - 26 March 2007 at 12:50pm
Back to Top
 
Yaroslav
Admin Group


Joined: 15 August 2002
Posts: 6520
Posted: 08 December 2006 at 4:37am  

I have tested your server and notwithstanding you didn't provide me with a page on your site with links to a protected files I had manually put
Referer: http://somesite.com\r\n in request and get a correct image response.
Please test images using links on a pages locaded on your site. If you just put a URL to the image into the browser request will go without referrer header.

Edited by Lexey - 26 March 2007 at 12:51pm
Back to Top Visit Yaroslav's Homepage
 
bayleaf
Newbie


Joined: 06 December 2006
Location: Canada
Posts: 3
Posted: 08 December 2006 at 12:01pm  

hi yaroslav,
the issue was 'operator error' (meaning i'm an idiot).

my complaint was that i couldn't see files in a folder i'd used your filter to block. well if i used your folder to block them of course i can't see the files in them because the filter's doing what it's supposed to.

i forgot to create the second folder to try and load the images out of the protected one. sorry for wasting your time. it's all working great.

thanks,
danny
Back to Top
 

Sorry, you can NOT post a reply.
This forum has been locked by a forum administrator.

Printable version Printable version
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot delete your posts in this forum
You cannot edit your posts in this forum
You cannot create polls in this forum
You cannot vote in polls in this forum