This forum has been moved here:
Helicon Tech Community Forum

  Active TopicsActive Topics  Display List of Forum MembersMemberlist  HelpHelp   RegisterRegister  LoginLogin
HotlinkBlocker (Forum Locked Forum Locked)
 Helicon Tech : HotlinkBlocker
Subject Topic: AOL problems (Topic Closed Topic Closed)
Author
Message |
RobOnt
Newbie


Joined: 27 December 2006
Posts: 6
Posted: 27 December 2006 at 9:41pm  

Hey there, I'm trying out your hotlink blocker on a rather popular site I run and I've noticed a problem with AOL users not being able to access protected files (I'm using LINK protection). I'm assuming it's because they bounce between proxy's. Is there a resolution for this?
Back to Top Visit RobOnt's Homepage
 
Yaroslav
Admin Group


Joined: 15 August 2002
Posts: 6520
Posted: 28 December 2006 at 5:26am  

Can you please give me a URL of your site and page with broken links. Also show me your HotlinkBlocker configuration file.
There could be a problem with LINK protection on large proxies and the resolution is to set
Cache-Control: private
HTTP header. By default this header is set by ASP or ASP.NET engine but it may be not set for static files.

__________________
Yaroslav Govorunov,
Helicon Tech
Back to Top Visit Yaroslav's Homepage
 
RobOnt
Newbie


Joined: 27 December 2006
Posts: 6
Posted: 28 December 2006 at 7:51am  

Yaroslav wrote:
Can you please give me a URL of your site and page with broken links. Also show me your HotlinkBlocker configuration file.
There could be a problem with LINK protection on large proxies and the resolution is to set
Cache-Control: private
HTTP header. By default this header is set by ASP or ASP.NET engine but it may be not set for static files.


The url for the site is http://www.robont.net (keep in mind it's a site for adults and definitely NOT work safe). Any of the files there you could try. They work fine for everyone except AOL users. The config file I'm using is:

#################################################
# HotlinkBlocker Configuration file


Signature=0e69b64c-9876-4fc2-9d6d-eb78453d7042
LinkExpires=1800
NotifyOrder=MEDIUM


[Protect]


[ReferersBlackList]
[ReferersWhiteList]
[UserAgentsBlackList]
[UserAgentsWhiteList]

Back to Top Visit RobOnt's Homepage
 
RobOnt
Newbie


Joined: 27 December 2006
Posts: 6
Posted: 28 December 2006 at 8:05am  

woops correction, the config is:

#################################################
# HotlinkBlocker Configuration file

# Version 1, 3, 0, 51


Signature=73a230cf-a15a-4798-91cc-38b791630a7e
LinkExpires=1800
NotifyOrder=MEDIUM


[Protect]
LINK        /protected/   
LINK        /uploads/photos/   


[ReferersBlackList]
[ReferersWhiteList]
[UserAgentsBlackList]
[UserAgentsWhiteList]

Back to Top Visit RobOnt's Homepage
 
Yaroslav
Admin Group


Joined: 15 August 2002
Posts: 6520
Posted: 28 December 2006 at 8:11am  

Currently there is no protection enabled on your web site, at least according to this HotlinkBlocker configuration file.
Again, I think the problem is Cache-Control header. Please add the following HTTP header record for the directoryes where you store html files woth protected links:
Cache-Control: private
this could be done through the IIS console on the directory properties. And again, you will need to add this header to the files with protected links, and not to the protected folder itself.

__________________
Yaroslav Govorunov,
Helicon Tech
Back to Top Visit Yaroslav's Homepage
 
RobOnt
Newbie


Joined: 27 December 2006
Posts: 6
Posted: 28 December 2006 at 6:14pm  

Yaroslav wrote:
Currently there is no protection enabled on your web site, at least according to this HotlinkBlocker configuration file.
Again, I think the problem is Cache-Control header. Please add the following HTTP header record for the directoryes where you store html files woth protected links:
Cache-Control: private
this could be done through the IIS console on the directory properties. And again, you will need to add this header to the files with protected links, and not to the protected folder itself.


Unfortunately that did not help. Any other ideas?
Back to Top Visit RobOnt's Homepage
 
Yaroslav
Admin Group


Joined: 15 August 2002
Posts: 6520
Posted: 29 December 2006 at 1:45pm  

But it should help :(
I have checked your site and header is set correctly. Probably the AOL cache is not updated yet, so the changes are not applied to the cache. Can somebody confirm that Cache-Control: private header is present when AOL user is making a request and having any problems downloading content?
If nothing more helps I can suggest you to try REDIRECT protection method. It should work fine for .wmv content while keeping a good protection level. And you don't even need a templates in the links with this protection method. The main drawback of this method is that Save As function on a .wmv file in IE will no longer work, i.e. user will need to open file and then save it.
REFERRER protection will not work for .wmv files.

__________________
Yaroslav Govorunov,
Helicon Tech
Back to Top Visit Yaroslav's Homepage
 
RobOnt
Newbie


Joined: 27 December 2006
Posts: 6
Posted: 29 December 2006 at 3:55pm  

I think I'm figuring out the problem, it seems browsers that are based on certain older builds of mozilla are the problem. I gotta confirm that but that's what it looks like to me.....
Back to Top Visit RobOnt's Homepage
 
Yaroslav
Admin Group


Joined: 15 August 2002
Posts: 6520
Posted: 30 December 2006 at 8:34am  

Old browsers should not be a problem with LINK protection because protection is based on the link signature and no any client-relatad technologies (like referrers, cookies, redirects, etc.) are involved.
As I understand the problem may come from the proxy cache. Because signed links are valid only for one client, if this response will be cached on some public cache (like some proxy servers) and then returned to another client withour requesting a server protected links will not work for this client. Cache-Control: private directive should inform proxy servers not to store this content on a public caches because it is intended for only one client. But it is possible that some buggy proxies may ignore this directive. In this case you may add some more directives to disable caching at all. Add Expires header with some date in the past - this will mark content as already expired and should not be cached.

__________________
Yaroslav Govorunov,
Helicon Tech
Back to Top Visit Yaroslav's Homepage
 
RobOnt
Newbie


Joined: 27 December 2006
Posts: 6
Posted: 01 January 2007 at 12:24am  

While it shouldn't be the problem, it definately is part of it, I'm having people with the AOL problem switch from the AOL browser to IE7 or the new firefox browser and that seems to eliminate the problem. I wish I could pinpoint it better for you but that change seems to resolve the problem so I'll just go with it....
Back to Top Visit RobOnt's Homepage
 

Sorry, you can NOT post a reply.
This forum has been locked by a forum administrator.

Printable version Printable version
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot delete your posts in this forum
You cannot edit your posts in this forum
You cannot create polls in this forum
You cannot vote in polls in this forum