z0r Forums
Hotlink protection - Printable Version

+- z0r Forums (https://board.z0r.de)
+-- Forum: English (https://board.z0r.de/forumdisplay.php?fid=3)
+--- Forum: News (https://board.z0r.de/forumdisplay.php?fid=4)
+--- Thread: Hotlink protection (/showthread.php?tid=3088)



Hotlink protection - eins - 13-06-2013

You may noticed that the site was slow in the last couple days. This was because the amount of hotlinks (when the swf file is accessed directly, and not using the z0r.de page) increased drastically. I had to add a hotlink protection, because i'm not able to corretly balance the load if the files are accessed directly.
Its possible that this hotlink protection will cause trouble for you, even if you're not hotlinking the files (for example it may block you for hiding your referrer). Im still finetuning it, but please tell me if you have problems accessing the site, like loops not loading (staying white).

tl;dr site should load much faster again!


RE: Hotlink protection - fishpoindexta88 - 13-06-2013

just tested this and i can still veiw the "hotlinked" version of the loop... im using firefox 21.0 (latest version)

no problems viewing anything, just reporting what i found.

just to be clear the "hotlinked" loops are located at an address in this format (http://z0r.de/L/z0r-de_XXXX.swf)


RE: Hotlink protection - GTAzoccer - 15-06-2013

(13-06-2013, 22:59)fishpoindexta88 Wrote: just tested this and i can still veiw the "hotlinked" version of the loop... im using firefox 21.0 (latest version)

Try to use a different referrer than z0r.de. If you don't have add-ons to manipulate the HTTP header, put the swf URL in the post preview of some other board and click it.

@eins: I would protect my contents from hotlinking with sessions. Check if the user who requested a loop file has already a (PHP)-session from z0r.de. Of course, this causes some load 'cause your loops aren't static anymore. So i don't know if this load is higher than the hotlinking load itself in your case.


RE: Hotlink protection - eins - 15-06-2013

(15-06-2013, 18:07)GTAzoccer Wrote:
(13-06-2013, 22:59)fishpoindexta88 Wrote: just tested this and i can still veiw the "hotlinked" version of the loop... im using firefox 21.0 (latest version)

Try to use a different referrer than z0r.de. If you don't have add-ons to manipulate the HTTP header, put the swf URL in the post preview of some other board and click it.
Correct. I allowed blank refferer for now, so people who block referrers can still view the loops.

Quote:@eins: I would protect my contents from hotlinking with sessions. Check if the user who requested a loop file has already a (PHP)-session from z0r.de. Of course, this causes some load 'cause your loops aren't static anymore. So i don't know if this load is higher than the hotlinking load itself in your case.
Jeah, thought about doing that, but decided against it because of the load. pretty happy with the htaccess solution so far.


RE: Hotlink protection - SunRed - 16-06-2013

Another solution could be renaming the directory containing the loops ech day or hour or minute automatically even without a cronjob. The advantage of this method is that no user can be blocked in any way. This just prevents other pages from loading your loops who are using the static url.

When the page is accessed by any visitor a script checks when the name was last changed. The timestamp of the last change could be stored in a text file. When the name has to be changed the script scans a directory containing the directory with the loops in it (so a directory with a single directory in it is needed where the loops can be stored in). Due to the fact that in this directory is only one single directory with a name we don't know at this point the script just has to watch out for a directory and renaming this into a random name. Then this directory name will be output in the url where the client can download it from.

Additionally to reduce the traffic you could use the mod_header and mod_expire in .htaccess to take a usage of the browser cache so that the swf file doesn't need to be load every time the site is accessed.

If you are interested in using this possibility i could give you a code example...

I hope you understand my thoughts of another way doing this Mr. Green


RE: Hotlink protection - glocom - 21-06-2013

What do you mean with hotlinking? Is it when you use "http://raz.z0r.de/L/z0r-de_xxxx.swf"?

Because then I know where the huge amount of hotlinks comes from. The z0r android app uses these links directly. With nearly 1500 active installations, that would be a huge impact.


RE: Hotlink protection - eins - 22-06-2013

No, its not the app. Most of the refferers i can catch are from facebook.
i actually tested my hotlink protection with the z0r.de app, and it should still work Shy