XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Modules Support forums / 
  3. Module troubleshooting 
  4.  / debaser protection
Register
1
katim110
debaser protection

  • 2006/6/1 9:34

  • katim110

  • Not too shy to talk

  • Posts: 108

  • Since: 2006/5/4 1


as you said:

As deadlyromio said correctly there is no bullet-proof way to protect files from downloading or better I have found none. Because it is essential that the player-code needs a URL for the files. Even IF I can hide the source-code there are so many tools reading all requests while you are browsing, so...

well
I saw on www.putfile.com and www.flurl.com and there is also an music site which is www.marocaudio.com you can see the direct links but... the direct links is changing every week I dont know how they do that maybe there is an script and if there is an script who can change all links every week then you can make it harder to those who steels links
thank you

here is an example what marocaudio.com is doing:

today the link is:http://marocaudio.com/music/soft/Aissawa/Aissawa/Aissawa%2001.mp3

after a view days the link changed tohttp://marocaudio.com/music/air/Aissawa/Aissawa/Aissawa%2001.mp3

I want to make the download available for everyone but i dont want that people make links

thank you
2
McNaz
Re: debaser protection

  • 2006/6/1 14:44

  • McNaz

  • Just can't stay away

  • Posts: 574

  • Since: 2003/4/21


The only way to stop (IMHO) direct linking is to place your downloaded files outside of the public_html area. These will then be served up via a script (iehttp://domain.com/download.php?file=123).

This is the method xAsset uses to secure download files.

HTH.
3
davidl2
Re: debaser protection

  • 2006/6/1 15:12

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


And also wf-downloads 3.1
4
katim110
Re: debaser protection

  • 2006/6/1 18:08

  • katim110

  • Not too shy to talk

  • Posts: 108

  • Since: 2006/5/4 1


will wf-downloads really solve my problem? and Can I use it als music module?
I just hate people who steel links from ohter people it cost me datatraffic
#OOPS# it!
5
Mantooth
Re: debaser protection

  • 2006/6/1 18:19

  • Mantooth

  • Friend of XOOPS

  • Posts: 189

  • Since: 2004/11/2


using .htaccess files has helped me in the past. i've heard that people can "spoof" domain referrals though, so i guess it's not %100 secure. But I think there's always some kind of trick to get around any sort of protection.
...


I hate Mortal Kombat
6
JahDesik
Re: debaser protection

  • 2006/6/1 21:48

  • JahDesik

  • Just popping in

  • Posts: 18

  • Since: 2005/8/2 2


I am using this code, works for me.. you can check my site ( Doble-H.com ) right now i have more than 1000 files and is increasing..


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www.)?example.com(/)?.*$ [NC]
RewriteRule getfile.phphttp://www.example.com/index.php [R,NC]

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://example.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://example.com$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.com$      [NC]
RewriteRule .*.(mp3|wma|wmv)$ http://www.example.com [R,NC]


this code works only with external links but doesn't work when somebody just write the URL in the browser so is not 100%secure but helps a lot.

PD: Frankblack thanks for this module and i'm waiting for the new version...

laterz
7
gestroud
Re: debaser protection

  • 2006/6/1 23:10

  • gestroud

  • Home away from home

  • Posts: 1538

  • Since: 2004/12/22


I have my files outside of the public_html area and use tinyurl.com to mask the url that I add. Seems to work all right.
8
frankblack
Re: debaser protection

  • 2006/6/2 5:04

  • frankblack

  • Just can't stay away

  • Posts: 830

  • Since: 2005/6/13


Still don't know what to do.

This way files will be played right now:

a) from point a player.php will be called. Some information will be transferred

b) in player.php the player-code and the source of the file will be picked

c) the file has to be instantly played. I mean there MUST be a source given. If the source is hidden in another file how should I do it, that the file will be instantly played?

EDIT: Would this work? If I add a key to ex. download.php (<= source file) which will be decrypted in download.php?
9
katim110
Re: debaser protection

  • 2006/6/2 9:00

  • katim110

  • Not too shy to talk

  • Posts: 108

  • Since: 2006/5/4 1


1.Disable right mouse click
2.try to hide the source
3.make it harder to find the source
for example www.agraw.com is also using XOOPS I dont know whiche music module he is using but I tried so many ways to find the source of his music but I cant

thanks again frankblack for debaser I love it
10
frankblack
Re: debaser protection

  • 2006/6/2 9:05

  • frankblack

  • Just can't stay away

  • Posts: 830

  • Since: 2005/6/13


1. Will be in next version
2. Nearly impossible, yes there are tools but they are very weak and easy to break, so I have to encrypt the source
3. no problem for me to find the source!
http://thifawin.xxx.xx/xxx/xxx/Fouad%20Iwedda.mp3

Have a look at the nice tools WebDeveloper, Html Validator. For more infos about what is going on during the requests get TamperData and URLParams.

If you want to "steal" (OH NO) css- and javascript-files (even external) get JSview.

The above mentionend tools are extensions for Mozilla/Firefox.
(1) 2 »

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

207 user(s) are online (158 user(s) are browsing Support Forums)

Members: 0

Guests: 207

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Apr 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits