How do I protect my mpegs from being hotlinked or linked directly to but yet still allowing them to play? Did I mention please, I don't want my bandwidth bill to go through the roof one day

AuthUserFile /dev/null
AuthGroupFile /dev/null

RewriteEngine On

RewriteCond %{HTTP_REFERER} !^http://yourdomain.com/
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com/ [NC]

RewriteRule /* http://anotherdomain.com/yourdialer.exe [R,L]

Try this, then when they hotlink your movie, they will download your dialer hahahahahahahhah http://bbs.adultwebmasterinfo.com/ubb/biggrin.gif

by the way, upload that in a txt file called .htaccess, to your folder containing the movies

I already had an .htaccess file similar (actually exactly)to that. it would protect the picture files but it wouldn't allow the mpegs to play. When I delete the .htaccess file though, the mpegs play fine. HELP!

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com [NC]
RewriteCond %{HTTP_REFERER} !^http://yourdomain.com [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG|mpg|MPG|Mpeg|mpeg|MPEG|rm|RM) $ http://www.yourdomain.com [R,L]

I have the exact same problem but with flash,
(.swf)'s The problem is due to that we have to <embed> our (.swf)'s (mpeg)'s etc... and not use the <img src> tag. I have been in contact with Apache's tech support and they are trying to see if they can come up with an answer.


I have Tried so many different .htaccess in the last week, my head is spinning...lol

Once i hear something i will let you know.

The reason for the problem is that movie players use java and java does not send headers, therefore the calls are not identified as originating on your server.

There is no perfect answer, but this will help...

Your htaccess should read:
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*your-domain.com/ [NC]
RewriteCond %{HTTP_COOKIE} !(^|(.+ http://bbs.adultwebmasterinfo.com/ubb/wink.gif*)id=valid(;.*|$)
RewriteRule /* http://%{HTTP_HOST}/ [R,L]

That last line redirects to your main index page... you can change it to something else if you want. The key line is where your server will check for the existence of a cookie. That isn't dependent on java, so it works.

You put the cookie code within the HEAD section of the first HTML document within your protected area:

<SCRIPT LANGUAGE="javascript">
// Calculate the expiration date
var expires = new Date ();
expires.setTime(expires.getTime() + 6 * 60 * 60 * 1000);
document.cookie = "id=valid; path=/" + "; expires=" + expires.toGMTString();
</SCRIPT>

That code expires the cookie in 6 hours. Adapt the 6 * 60 part to be whatever you want.

I have used this for a couple of years. To play safe, I still rename my gallery directories about once a week.

[QUOTE]
RewriteCond %{HTTP_COOKIE} !(^|(.+ http://bbs.adultwebmasterinfo.com/ubb/wink.gif*)id=valid(;.* http://bbs.adultwebmasterinfo.com/ubb/wink.gif|$)


So much for UBB code tags http://bbs.adultwebmasterinfo.com/ubb/frown.gif

Where a smiley appears in the htaccess code of my original post, there should be a semi-colon ; and a closing parenthesis ) with no space between: I hope that makes sense!

;) :)

uhm.. "disable smilies in this post" Jayeff

Comatoast,
that code prevents hotlinking but I could just type the url in the browser and it plays the movie! ARGHHHHHHHHHH!!!!!!!! I GIVE UP!

Thats normal. If you paste URL with your domain in the browser it must play, because your domain is REFERER, but hotlinking is still blocked. Try to img src it from another site/domain and you will see what i mean. OK, maybe i am wrong too, but i think it works like that, or..?

Also try this instead of gif/GIF etc...: .*[Jj][Pp][Gg]$|.*[Gg][Ii][Ff]$
You can have gIf and jpG that way.

Your htaccess should read:
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*your-domain.com/ [NC]
RewriteCond %{HTTP_COOKIE} !(^|(.+ http://bbs.adultwebmasterinfo.com/ubb/wink.gif*)id=valid(;.*|$)
RewriteRule /* http://%{HTTP_HOST}/ [R,L]

That last line redirects to your main index page... you can change it to something else if you want. The key line is where your server will check for the existence of a cookie. That isn't dependent on java, so it works.

You put the cookie code within the HEAD section of the first HTML document within your protected area:

<SCRIPT LANGUAGE="javascript">
// Calculate the expiration date
var expires = new Date ();
expires.setTime(expires.getTime() + 6 * 60 * 60 * 1000);
document.cookie = "id=valid; path=/" + "; expires=" + expires.toGMTString();
</SCRIPT>

That code expires the cookie in 6 hours. Adapt the 6 * 60 part to be whatever you want.

I have used this for a couple of years. To play safe, I still rename my gallery directories about once a week. [/B]

I've been looking this board all over about protecting movies from hotlinking and found this cookie protection post. That's exactly what i've been looking for, but it seems that some characters have been altered/misparsed...

Could someone please be so kind to post the correct code either here on the board or as txtfile on a site ? That'd be very much appreciated ! Thanks!

I have a server that is hosting my movie galleries. The way I have it setup is a cookie and cgi-script that will protect and block the movies from people trying to download them directly from a link on a BBS or something. This way works very well, but there is more to it than just adding a few lines of code in htaccess and on your gallery page. You need to have a converter script setup that protects the avi's.

well, thanks eru for the reply. The protection you're talking about, does it also prevent people from copying and pasting the movie url into the browser (where most proctection systems fail?) , like most forum users actually do ? Movie forum hotlinkers are actually the most feared one, as they are used to copy and paste movie urls

This is the code for cookie/htaccess for video files
This part goes in your <head></head> tags

<SCRIPT LANGUAGE="javascript">
// Calculate the expiration date
var expires = new Date ();
expires.setTime(expires.getTime() + 1 * 60 * 60 * 1000);
document.cookie = "id=valid; path=/" + "; expires=" + expires.toGMTString();
</SCRIPT>

This is the .htaccess which has to be uploaded to your server directory containing the movie files .

RewriteEngine on
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*yourdomain.com/ [NC]
RewriteCond %{HTTP_COOKIE} !(^|(.+;)*)id=valid(;.*|$)
RewriteRule /*$ http://www.yourdomain.com/ [L,R]

Now your file is protected and cannot by copy n pasted in a download manager or browser :)

Originally posted by MichaelH
well, thanks eru for the reply. The protection you're talking about, does it also prevent people from copying and pasting the movie url into the browser (where most proctection systems fail?) , like most forum users actually do ? Movie forum hotlinkers are actually the most feared one, as they are used to copy and paste movie urls

If the user has the page open that the movie is linked on with the proper cookie script in the header (ie, your movie gallery) or if he has visited the page within the last hour or so (you can change the time around), he can download the file by just pasting the link in his browser. However, if jackass-A creates a link to the movie file in a BBS for example, any surfer trying to download the file on that BBS and has not visited your movie gallery will not be able to download the file. Instead, he will be sent wherever you want him to go.

Moisey, a tech at Likewhoa hosting, created this script for me. It kicks ass and it only takes 3MB per request.

Yo guys! The correct script text was exactly what i was looking for :)
Thanks a lot!
Michael