Hotlink protection...

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • echostatic
    Junior Member
    • Apr 2004
    • 19
    #1

    Hotlink protection...

    On my site, epiloguemusic.net, I have hotlink protection enabled, have disallowed unique requests, and removed mp3/.mp3 as an allowed extension. However the direct link to an mp3 from this site:

    http://bbs.vavay.com/f8/t77903/


    ..is able to download the file without redirecting as told to. What the heck? Am I missing something obvious?

    Thanks,
    /.e
    Tags: None
    • Frank Hagan
      Senior Member
      • Mar 2004
      • 724
      #2
      Not sure what's going on, but the way hotlink protection works is to ask the browser for the "referring" site ... so if the browsers appears to have been from your site on the last request, then it will allow the protected item to be sent. Maybe the file leeching site has figured out a way to spoof the referer [SIC] headers. See http://en.wikipedia.org/wiki/Referer_spoofing for some more info on referer spoofing (the misspelling of "referrer" made its way into the official HTML specification, so we are stuck with it!)

      Usually, the problem with hotlink protection is that some security suites will not allow the browser to send the referring header for "privacy protection". People with this kind of privacy protection enabled in Norton Security Suite, Zone Alarm Security, etc., are not able to see the protected content.

        Comment

        Previous template Next
        Working...