Date: Wed, 21 Sep 2005 17:20:23 GMT From: "Dexter J" <lamealameadingdongnospamlamelame.org> Subject: Re: Calling Dexter J, I need to e-mail you the Saabvideo logs
Salutations: On Wed, 21 Sep 2005 13:32:21 -0300, saabyurk <tednospamrkon.com> wrote: > > Dexter J wrote: > While you are at it - you >> might want to look at changing links to specific video's you have >> already >> posted out here - it will help you narrow down who is swiping your vids >> (they will now appear in the error logs as dead link attempts) and it >> should slow down the transfer totals for a while. > I don't know much html, and no Apache, so this is a dumb question, but > would there be an easy way for Ryan to eliminate the href on the > thumbnail and replace it with a "download" button to keep people from > just clicking and viewing live or casually viewing that way? I'm > thinking he could force users to save it to view it, and to hide the > videos from web bots. Yes - he could drop the vids into a couple of passworded sub-directories on the site - then provide a password hint in the message box that pops up when a user clicks through to download. Then make an adjustment to the mime types to attempt to force an application.vnd exchange to a known null client. Not fool proof by any means and not everyone 'gets it' when they come across the password hint in the logon box - but it does force a somewhat more targeted automated slurp and mostly forces a download (this latter part being driven much more by the particular browers visiting). Do not include reference to the password and ID in the page link other than to say there is one and how to figure it out. It's only a stop-gap measure though, pro-slurpers are clever beans. The correct way to go right now is to use mod-rewrite and a cgi so that the system demands several parameters be met in addition to hitting the link and filling out the password. Someone is going to suggest an FTP server somewhere this process. I *highly* recommend *against* it at this point in time and have dropped the standalone FTP server as part of the Mark-III build here at Radio Free Dexterdyne. There are several very serious things going on regarding the FTP cracking and the firewall worlds right now that is rapidly making FTP server technology both unsafe and unreliable in production. I built a backend cgi that performs the all same functions as FTP that, while not as easily load-balanced as pure FTP, is *substantially* less open to exploit and more reliable through most firewalls. If you do go with the hinted passworded/mime type .htaccess kit - you want to cycle the passwords every month or two. This is sort of labour intensive on a bigger site. Not that much of a hassle for a small hobbie site though. Still - at the end of the say - it's all in the log work though. Know what's supposed to happen there in a normal exchange and it makes it *much* easier to deal with exceptions. -- Radio Free Dexterdyne Top Tune o'be-do-da-day Martin Sinatra Davis - Me and My Shadow http://www.dexterdyne.org/888/064.RAM all tunes - no cookies no subscription no weather no ads no news no phone in no sign up required - all the Time
 |
 |
 |
 |
 |
