Unauthorized access protection

Most web applications like forums, blogs and galleries already integrate some authentication schemes with built-in user databases, logon forms, etc. Application decides which information user is authorized to see and which is not. Problem begins when it is come to restrict access to the physical media files. IIS uses Windows user accounts and NTFS permissions to protect physical files, but usually it is impossible to create separate windows account for every web user and set NTFS permissions.

HotlinkBlocker offers another solution. Simply protect your restricted files using HotlinkBlocker LINK protection method. After that users will be able to access the files only if your application allows access by displaying link to the file. Even knowing of exact file location and name will not help because links are signed using strong cryptographic algorithm and direct access is not allowed. Users who access files will be unable to share links because links are bounded to the client IP and will expire in a defined time. Users who lost their permissions will not get the file because the link will expire.

So only users who get links to the files directly from your application and only in that time can access protected media files. Isn’t it called authorization?

© 2002 - 2007 Helicon Tech. All rights reserved.