: How to avoid MP3 downloading sites from using my files? I have a WordPress site where I'm gonna host files such as MP3s. The thing is I know if I don't do anything, MP3 Crawlers like mp3glu
I have a WordPress site where I'm gonna host files such as MP3s. The thing is I know if I don't do anything, MP3 Crawlers like mp3glu or mp3pleer will come and use my files and bandwidth, which I don't want (it's a free host, and since he's already kind enough to host me, I don't want to cost him too much, you know).
Now I saw that I could use the htaccess file, but... how ? I currently have this :
RewriteEngine on #Disallow blank: #RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?thomaskowalski.net [NC]
RewriteRule .(jpg|jpeg|png|gif|mp3|mp4)$ - [NC,F,L]
Basically, I wanted to try to say that the pensees thing was not here anymore if the referrer was not my website itself (thomaskowalski.net). Though, it doesn't work. I created a random reddit post so my referrer should not be my site and well it works as if i had done nothing (if whatismyreferrer is right, the referrer is empty)
Any idea ? I precise that the pensees is not a file nor a directory, it's a wordpress network blog, but doing anything else (with a file for example) does the same.
Thank you in advance
More posts by @BetL925
4 Comments
Sorted by latest first Latest Oldest Best
It is easy to convert YouTube to MP3 and download MP3 from YouTube using our website. And because our tool is strictly an online platform, you can do your thing on any device-- anytime, anywhere. Do you want to know what the best part is? Our service is absolutely FREE! mp3download.to/
I once went for a solution which was simple, but effective:
// You place this in your index.php
session_start();
$_SESSION['is_user'] = true;
// And this in your download.php:
session_start();
if( isset($_SESSION['is_user']) ){
// Download magic here
}
A crawler often doesn't set a session, and for those that do often don't store it to the next url.
To stop hotlinking from any website just add this to your htaccess:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)example.com/.*$ [NC]
RewriteRule .(gif|jpg|jpeg|bmp|zip|rar|mp3|flv|swf|xml|php|png|css|pdf)$ - [F]
more info Here
UPDATED:
It worked well for me when I hosted mp4 files
UPDATED: this is what I used for my website and it seemed to work well. Other websites could not stream my videos at all. This is not just for blocking other websites to use your files. I just want to show where the bit of code you are looking goes.
Options -Indexes +FollowSymlinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^watch/([^/]+)/? view.php?id= [NC,L]
RewriteRule ^([0-9_-]+)/?$ index.php?id= [L]
RewriteRule ^([a-z-]+)/?$ search.php?q= [NC,L]
RewriteCond %{THE_REQUEST} /search(?:.php|)?q=([^ &]+)
RewriteRule ^ /%1? [L,R]
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?mysite.com [NC]
RewriteRule .(jpg|jpeg|png|mp4)$ - [NC,F,L]
I would not depend on the referrer.
The easiest way is to make a set of rules with IP addresses you want blacklisted as well as user agents you want blacklisted and if a remote user matches any of the blacklists, then they will receive the not-authorized page. Below is a template you can use. replace the set of three x's with digits for the IP address and the slashes are next to the dots to make them literal. Also, change secretmp3folder to the folder where your MP3's are stored.
RewriteEngine On
RewriteCond %{REMOTE_ADDR} xxx.xxx.xxx.xxx [OR]
RewriteCond %{REMOTE_ADDR} xxx.xxx.xxx.xxx [OR]
...
RewriteCond %{REMOTE_ADDR} xxx.xxx.xxx.xxx [OR]
RewriteCond %{REMOTE_ADDR} xxx.xxx.xxx.xxx
RewriteRule ^/secretmp3folder/(.*)$ - [R=403,L]
RewriteCond %{HTTP_USER_AGENT} ^badagent$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^terribleagent$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^insaneagent$
RewriteRule ^/secretmp3folder/(.*)$ - [R=403,L]
Another thing you can do is when advertising the download, make the link to it a special page that sets a cookie then redirects the user to the download.
Here's an example. (keep in mind I'm excluding common HTTP headers and I'm only showing content within the body tags)
The advertisement page:
<p>Download any of these songs</p>
<a href="download.php?mp3=song1.mp3">Song 1</a><br>
<a href="download.php?mp3=song2.mp3">Song 2</a><br>
The download.php script the links link to:
<?php
if (intval($_GET['DOWNLOAD']) != 1){
$file=$_GET["mp3"];
setcookie("candownload",1,time()+86400,"/","example.com");
header("HTTP/1.1 301 Moved",true);
header("Location: example.com/path/to/download.php?mp3= .$_GET["mp3"]."&DOWNLOAD=1",true);
}else{
if (intval($_COOKIE["candownload"]) != 1){
echo "Access denied";
}else{
header("content-type: application/ms-download",true);
header("content-disposition: attachment; filename=".$_GET["mp3"],true);
echo file_get_contents("/path/to/".$_GET["mp3"]);
}
}
?>
The script isn't 100% perfect since some things needs tweaking depending on where the MP3 files are on your system. But the idea is when someone clicks a downloadable MP3 file, they are taken to a redirect page and at the same time a cookie is stored on the clients computer to identify them as a client. then after the redirect, the client is validated as a client and the download immediately begins.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.