hotlinking – Helicon Tech Blog http://www.helicontech.com/articles Web Server Enhancements Tue, 20 Sep 2011 10:26:16 +0000 en-US hourly 1 https://wordpress.org/?v=5.2.4 Protecting image gallery with Helicon Ape mod_hotlink http://www.helicontech.com/articles/protecting-image-gallery-with-helicon-ape-mod_hotlink/ Tue, 04 Aug 2009 12:33:00 +0000 http://localhost:85/blog/?p=47 Continue reading ]]> What is mod_hotlink? It’s a Helicon Ape module you’ll undoubtedly enjoy. Why? ‘Cause it’ll help you avoid the headache when thinking of traffic leechers. It will do it all for you. And now we’ll illustrate this ingenious process taking Gallery2 photo gallery as an example.To start we need the following ingredients:

  • IIS7-driven website (we use www.helicon_test.com)
  • Gallery2
  • Helicon Ape

Now we are ready to start cooking our healing soup.Firstly, you need to prepare (download and install) the Gallery2 product. Make sure it’s fresh (working fine).

Next, we need to create a link to this gallery on our IIS7-driven site (we put it on the main page). That’s the component we’ll experiment with today.

Take a species mix called Helicon Ape from the shelf and be ready to use it in a moment (install Helicon Ape).Take a pinch of mod_hotlink species and add it to the pot (just uncomment one line).

Stir it all slowly. To reveal the whole bouquet of the dish (protect only necessary folder – in our case it’s /gallery2/), we add

HotlinkProtect /gallery2/

and

SetOutputFilter hotlink

to feel the most delicate notes of taste (to enable links replacing mechanism).

After that the aroma (link to Gallery2) will change for the better (a dynamically generated signature will be appended).

Now all links from our site pointing to Gallery2 folder are dynamically signed and the signature is unique for each client (individual approach to each person is a key to success!), i.e. there’s no way to get the content without this signature or fabricate it (the recipe is our top secret!).

Everyone who behaves badly and is not allowed to taste the dish or who tries to guess it’s components (everyone who attempts to access protected resource with incorrect signature) will get 403 Forbidden response or will be turned out – redirected to the specified URL (RedirectURL parameter).

That is, mod_hotlink makes sure the user obtined the link from our site only (authentic and inimitate one, made acoounting for his preferences). And we have nothing to do with the site – all links on pages are transformed automatically on the fly (as if prepared in a microwave oven)!

Ok, let me see… Mmmm… Today our mod_hotlink-based dish is particularly delicious.
Bon appetit!

]]>