This forum has been moved here:
Helicon Tech Community Forum

  Active TopicsActive Topics  Display List of Forum MembersMemberlist  HelpHelp   RegisterRegister  LoginLogin
HotlinkBlocker (Forum Locked Forum Locked)
 Helicon Tech : HotlinkBlocker
Subject Topic: Unprotect subdirectory (Topic Closed Topic Closed)
Author
Message |
gyxi
Newbie


Joined: 16 July 2007
Posts: 3
Posted: 16 July 2007 at 1:58pm  

I am currently successfully blocking every media file on my server with this regular expression:

@.*\.(jpg|gif|png|wmv|avi|mpg|mpeg)

I need, however, to allow hotlinking for a certain directory on my server.

This file needs to stay blocked:
www.mysite.com/files/public/image.jpg

But this file must not be blocked:
www.mysite.com/files/public/__thumbnails/image.jpg

Please help me construct a configuration file that accomplishes that.

Back to Top
 
gyxi
Newbie


Joined: 16 July 2007
Posts: 3
Posted: 17 July 2007 at 11:07am  

Someone at a community support site helped me construct this regex which does the job:

@/files/public(?!/__thumbnails)/.*\.(jpg|gif|png|wmv|avi|mpg|mpeg)

Funny thing though:

An avi should be accessible from whitelisted sites and it is. But not if the user chooses "Save Target As...". Is this a known problem or could it be helped by changing my configuration in some way?

Back to Top
 
Yaroslav
Admin Group


Joined: 15 August 2002
Posts: 6520
Posted: 18 July 2007 at 4:31am  

This is known problem because IE doesnot send Referer header when saving target as. If you would use LINK protection method not based on referers it should not be a problem, but white lists works on referers.

__________________
Yaroslav Govorunov,
Helicon Tech
Back to Top Visit Yaroslav's Homepage
 
gyxi
Newbie


Joined: 16 July 2007
Posts: 3
Posted: 20 July 2007 at 3:50pm  

Thanks for your help.

I have REFERER protection working, but I am trying to implement LINK as you suggested. I read your documentation. I changed the protection to LINK and inserted xxxxxxxxxxxxxxxx/ as part of the link. I get a 404 error. But the x-part of the link is changed correctly:

http://www.mysite.com/files/e276d1897c051734/public/myimage.jpg

If I attempt to visit the image at it's real location, it works fine. All in all, it seems to work exactly as it did when it was configured as REFERER. In IIS I pressed Set, Apply and even ran iisreset.

Here's my configuration:

Code:
#################################################
# HotlinkBlocker Configuration file

# Version 1, 4, 0, 56


Signature=55d0d33e-7cad-471d-9b1f-cabf82fef8a3
LinkExpires=3600
NotifyOrder=MEDIUM


[Protect]
LINK  @/files/public(?!/__thumbnails)/.*\.(jpg|gif|png|wmv|avi|mpg|mpeg) http://www.mysite.com/hotlink.jpg
LINK  @/files/private(?!/__thumbnails)/.*\.(jpg|gif|png|wmv|avi|mpg|mpeg) http://www.mysite.com/hotlink.jpg


[ReferersBlackList]
[ReferersWhiteList]
mysite.com
www.mysite.com
http://mysite.com
http://www.mysite.com
http://www.mysecondsite.com
[UserAgentsBlackList]
[UserAgentsWhiteList]

I am looking forward to receiving your suggestions.

Back to Top
 
Yaroslav
Admin Group


Joined: 15 August 2002
Posts: 6520
Posted: 23 July 2007 at 7:48am  

Sorry for messing things for you. My key conclusion was that white lists works based on referer, so you cannot enable access from other web sites if clients does not send referer. ANother solution is to enable empty referers, you can do this by adding this small pattern to the whitelist @^$
Please note that it will also allow some clients that does not send referers to download protected content. If you only want to limit leech traffic than this solution should work well.

__________________
Yaroslav Govorunov,
Helicon Tech
Back to Top Visit Yaroslav's Homepage
 

Sorry, you can NOT post a reply.
This forum has been locked by a forum administrator.

Printable version Printable version
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot delete your posts in this forum
You cannot edit your posts in this forum
You cannot create polls in this forum
You cannot vote in polls in this forum