Need Help to prevent external linking

Re: Need Help to prevent external linking

On Fri, 23 Jul 2004 02:24:59 +0000, George Hernandez wrote:
[color=blue]
> I have a site on a set of Linux Servers where my site is PHP enabled and I
> would like to prevent people from externally linking to content on my site
> and replace it with a warning image.[/color]


[ snip ]


Other than this has nothing to do with PHP, the short and bitter truth
answer is, you can't =)



Regards,

Ian

--
Ian.H
digiServ Network
London, UK

Re: Need Help to prevent external linking

"George Hernandez" <no_email@no_do main.pud> wrote in message
news:%F_Lc.59$q 9.114753@news4. srv.hcvlny.cv.n et...[color=blue]
> I have a site on a set of Linux Servers where my site is PHP enabled and I
> would like to prevent people from externally linking to content on my site
> and replace it with a warning image.
>
> I've researched the following to put in an .htaccess file on teh root of[/color]
my[color=blue]
> server, but none of the methods or changes or suggestions I've found on[/color]
the[color=blue]
> web work...[/color]
-snip-

You have set RewriteEngine On?

Check your server is processing .htaccess files by setting up a password
protected directory.

Re: Need Help to prevent external linking

"George Hernandez" <no_email@no_do main.pud> wrote in message
news:%F_Lc.59$q 9.114753@news4. srv.hcvlny.cv.n et...[color=blue]
> that is all I have in teh .htaccess file that sits at the root of my[/color]
server,[color=blue]
> but no matter what, if I type in a URL leading to content on my site
> architecture, the warning image does not display - the file that was
> requested is given. I want to force people to have to be at my site to be
> able to view the images or download the zip files.[/color]

It is a lot o fwork, but you could serve all images and zips from, php
scripts. so instead of using <img src="img17.gif" > you would be using
something like <img src="img.php?im gId=17"> . Now img.php would send
appropriate header, and then stream (from protected location) image byte
stream. Also when img.php could for instance check the referer field, and
stream "not allowed" image. Problem with referer is that browser does not
have to send it, so some of "leagal users" would not be able to see your
images. Another solution is to have (time limited) session ids given with
each request for image, something like <img
src="img.php?im gId=17&sessionI d=098989DDAJK"> . If sessionId is not valid,
no image. Or you could combine the two methods.

rush
--

Re: Need Help to prevent external linking

"CJ Llewellyn" <satest@tmslife line.com> wrote in message news:<cdqhfn$ck 7$1@slavica.ukp ost.com>...[color=blue]
> "George Hernandez" <no_email@no_do main.pud> wrote in message
> news:%F_Lc.59$q 9.114753@news4. srv.hcvlny.cv.n et...[color=green]
> > I have a site on a set of Linux Servers where my site is PHP enabled and I
> > would like to prevent people from externally linking to content on my site
> > and replace it with a warning image.
> >
> > I've researched the following to put in an .htaccess file on teh root of[/color]
> my[color=green]
> > server, but none of the methods or changes or suggestions I've found on[/color]
> the[color=green]
> > web work...[/color]
> -snip-
>
> You have set RewriteEngine On?
>
> Check your server is processing .htaccess files by setting up a password
> protected directory.[/color]

what means "externally linking into your page"? i think you mean using
your pages as part of someone elses site. if that is the case and you
are using a frameset there is a quite simple javascript solution. just
have every html doc check the frameset it's opened in by with

top.document.id

so if the id of the topmost frame is not the one of your own frameset,
you can have javascript perform some action

micha

Re: Need Help to prevent external linking


"rush" <pipa@rush.aval on.hr> wrote in message
news:cdqtd3$ac7 $1@ls219.htnet. hr...[color=blue]
> "George Hernandez" <no_email@no_do main.pud> wrote in message
> news:%F_Lc.59$q 9.114753@news4. srv.hcvlny.cv.n et...[color=green]
> > that is all I have in teh .htaccess file that sits at the root of my[/color]
> server,[color=green]
> > but no matter what, if I type in a URL leading to content on my site
> > architecture, the warning image does not display - the file that was
> > requested is given. I want to force people to have to be at my site to[/color][/color]
be[color=blue][color=green]
> > able to view the images or download the zip files.[/color]
>
> It is a lot o fwork, but you could serve all images and zips from, php
> scripts. so instead of using <img src="img17.gif" > you would be using
> something like <img src="img.php?im gId=17"> . Now img.php would send
> appropriate header, and then stream (from protected location) image byte
> stream. Also when img.php could for instance check the referer field, and
> stream "not allowed" image. Problem with referer is that browser does not
> have to send it, so some of "leagal users" would not be able to see your
> images. Another solution is to have (time limited) session ids given with
> each request for image, something like <img
> src="img.php?im gId=17&sessionI d=098989DDAJK"> . If sessionId is not valid,
> no image. Or you could combine the two methods.
>
> rush
> --
> http://www.templatetamer.com/
>
>[/color]

In my experience, image files served with this method are not cached by the
browser, which can be frustrating for the user.

RU

Re: Need Help to prevent external linking


"rush" <pipa@rush.aval on.hr> wrote in message
news:cdqtd3$ac7 $1@ls219.htnet. hr...[color=blue]
> "George Hernandez" <no_email@no_do main.pud> wrote in message
> news:%F_Lc.59$q 9.114753@news4. srv.hcvlny.cv.n et...[color=green]
> > that is all I have in teh .htaccess file that sits at the root of my[/color]
> server,[color=green]
> > but no matter what, if I type in a URL leading to content on my site
> > architecture, the warning image does not display - the file that was
> > requested is given. I want to force people to have to be at my site to[/color][/color]
be[color=blue][color=green]
> > able to view the images or download the zip files.[/color]
>
> It is a lot o fwork, but you could serve all images and zips from, php
> scripts. so instead of using <img src="img17.gif" > you would be using
> something like <img src="img.php?im gId=17"> . Now img.php would send
> appropriate header, and then stream (from protected location) image byte
> stream. Also when img.php could for instance check the referer field, and
> stream "not allowed" image. Problem with referer is that browser does not
> have to send it, so some of "leagal users" would not be able to see your
> images. Another solution is to have (time limited) session ids given with
> each request for image, something like <img
> src="img.php?im gId=17&sessionI d=098989DDAJK"> . If sessionId is not valid,
> no image. Or you could combine the two methods.
>
> rush
> --
> http://www.templatetamer.com/
>
>[/color]

Also, 'from protected location' would mean the password box popping up
everytime the user loaded the page with that img src.

RU

Re: Need Help to prevent external linking

.oO(George Hernandez)
[color=blue]
>that is all I have in teh .htaccess file that sits at the root of my server,
>but no matter what, if I type in a URL leading to content on my site
>architecture , the warning image does not display - the file that was
>requested is given.[/color]

If you directly type in an URL in the address bar there's _no_ referrer
header sent to the server, so the script can't block the access.
[color=blue]
>RewriteRule .*\.jpeg$ - [F]
>RewriteRule .*\.jpg$ - [F][/color]

Shorter: RewriteRule .*\.jpe?g - [F]
[color=blue]
>I want to force people to have to be at my site to be
>able to view the images or download the zip files.[/color]

Hotlink-blockers rely on referrer information and will work in most
cases, but you can't really prevent it to 100%.

Micha