Login/Register
How To Prevent File HotLink from Internet Download Manager IDM
Asked Answered
Solved php.htaccessstreaminghotlinking
S

1

11

Am having some issue fixing media file hotlink or download using IDM, am working on serving a video file using PHP and it works fine, but I notice that IDM installed on my computer was able to add download box to the video I am playing using jwplayer. I change the structure of code and added htaccess to rewrite the link, so that the direct access to the file is not display.

mysite.com/file.php?myvideo.flv -> mysite.com/api/file/JU78vhx5uh

I was able to implement this in JWPlayer and it works when serving with PHP, yet the same IDM fetch my video file, I search for other means which is htaccess and it is below

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]

RewriteCond %{HTTP_REFERER} !^$

RewriteRule .*\.(mp4|flv|mp4|mp3)$ /video/thieve.flv [L]

This only work for web browsers and doesn't stop IDM software, I found another PHP referer validator, which check the refere link.

if (strpos($_SERVER['HTTP_REFERER'],'mysite.com')===0)

 {
    header("Location: whatever.php"};
 }else{
    header("Location: index.php");
 }

NB: I found out that IDM sent this information to my script

  1. USER AGENT:Mozilla/4.0%20(compatible;%20MSIE%208.0;%20Windows%20NT%206.0;%20Trident/4.0)

  2. Http_referer:mysite.com/api/file/JU78vhx5uh (the same with the page where my video is been played).

Please how else am I to prevent hot-linking from this software, because this website is serving free video streaming and I don't want my video downloaded.

Signify answered 9/1, 2013 at 11:6 Comment(1)
Really man, the only way for not having your video downloaded is not serving it, I would spend my time in something more productive...Inhesion
C
7

In general, the only way to prevent users from downloading your videos is to really stream them via the server. The "emulated streaming" via showing already preloaded video frames will be always "hackable" one way or the other, because in the end you need the player software to know the address - which of course is the full .avi/.mp4/.whatever.

There are quite some streaming servers, also some open source ones are available. A good starting point may be this list. For Linux, Darwin might be one of the best options.

Once you really stream your content, only very advanced users will be able to grab your content by using streamgrabbers (I think there are even servers where this does not work, e.g. Adobes streaming solutions).

Cranston answered 12/4, 2013 at 15:14 Comment(4)
Exactly. Also, I've personally been able to grab each and every stream I've watched, including recent Adobe exotics :)Decastyle
Most of the times you don't really need to be a hacking guru to grab a video. The Darwin streaming server you comment is just a RT(S)P streaming server, which can be easily grabbed by ffmpeg or VideoLANInhesion
@Inhesion true, but that's already "magic" for 98% of the users I dare say. On the other hand, taking some Firefox addon video downloader and clicking "download" is doable for most of them.Enshroud
By the way, taking a real streaming solution also saves you traffic. A pseudo-streaming video will per default be downloaded completely even if the user paused it (Youtube recently implemented techniques to stop that), the stream will stop automatically after 4 or 5 seconds (this can be set in the server).Enshroud

© 2022 - 2024 — McMap. All rights reserved.