is that good antihotlink measure

[bunelul]

Hello

I got an idea of a simple antihotlink measure. 4images gurus: please tell me is OK or not?

Instead of loading pages with scripts hiding image path i changed the name of "data/media" folder to "data/NNmedia" and changed the path for media folder in "includes/constants.php" file. The 4images script is working well, but i`d like to hear the script experts opinions if this measure is ok or not.
The "NN" on the media folder name means digits from 01.....99 and, if this ok, it should be changed randomly by hand from time to time...

thank you in advance!
have fun with 4images

[V@no]

well...I guess if you dont mind bunch of 404 errors in your server error logs, then yes, it should work just fine, I think

[bunelul]

Hello


Thanks for your replay, Vano.

I just did a small "error.html" page and a line included in .httacces
Anyway the increasing of logs is less problematic than up to 25% of site bandwidth used by hotlinkers, or a increase of server load by image paths hiding/changing scripts.

Thanks.
Have a nice week!

[V@no]

btw, if your server is using UNIX and if you have access to cronjob or shell, you can use this automatice (cronjob) or semi-automatic (shell) method:

1) create somewhere not accessible from the web newmedianame.txt file with the current name of your media folder inside of it

2) use this command:[qcode]DATADIR="/full/path/to/your/4images/data/"; STOREFILE="/www/newmedianame.txt"; OLDNAME=$(head -1 $STOREFILE); NEWNAME="media"$(stat -c %Z $DATADIR$OLDNAME); mv $DATADIR$OLDNAME $DATADIR$NEWNAME; echo $NEWNAME > $STOREFILE;
[/qcode]change the /full/path/to/your/4images/data/ to the full local (not internet!) path to data folder of your gallery (with trailing slash!)
change /www/ to full local path to where your newmedianame.txt file is, the same path you must use in constants.php

3) in includes/constants.php use this line for MEDIA_DIR:[qcode]define('MEDIA_DIR', 'data/'.trim(file_get_contents("/www/newmedianame.txt")));
[/qcode]

4) and just to make these modifications compatible with PHP version below 5, add this into includes/functions.php:

Code: [Select]

if(!function_exists('file_get_contents'))
{
  function file_get_contents($file)
  {
    $file = file($file);
    return !$file ? false : implode('', $file);
  }
}

After this everytime you execute the command (step 2) 4images will automaticaly use the new media folder.

Please if you are going to test it, please do it on a test gallery first I only tested it on FedoraCore4 in bash shell and as cronjob.

P.S. I forgot to mention, that your method (renaming media folder) will also encrease bandwidth usage, because every time the folder was renamed the visitors will redownload files again

[mark1491]

I have a cron job setup on one of my servers users, and have tested it  in the shell and it works fine.  But now when I do a cronjob

I put this command in the command part of the cron setup for example with test.com:  I have directAdmin

DATADIR="/home/test/domains/test.com/public_html/data/"; STOREFILE="/testcron/cronjobhumor/newmedianame.txt"; OLDNAME=$(head -1 $STOREFILE); NEWNAME="media"$(stat -c %Z $DATADIR$OLDNAME); mv $DATADIR$OLDNAME $DATADIR$NEWNAME; echo $NEWNAME > $STOREFILE;


But when I look at the log I only get this out of the command from above, it stops just before %


Aug  8 23:04:01 server177 crond[17486]: (test) CMD (DATADIR="/home/test/domains/test.com/public_html/data/"; STOREFILE="/testcron/cronjobhumor/newmedianame.txt"; OLDNAME=$(head -1 $STOREFILE); NEWNAME="media"$(stat -c

Do I need to have something other than the %, and if so what would that replacement be

Thanks in advance
Mark

[V@no]

Did you run it under "test" user? is that user has read/write permissions for the data directory and newmedianame.txt file?

how did you setup the cronjob? where did you put this command?

[mark1491]

I put it right where it says command in the cronjob.

It isn't the test user, i just put that there so that i didn't reveal and domain names, i thought that might be illegal on this forum.

The command shows in full after it has been saved in the cronjob control panel so i know it is correct, but when it runs and I take a look at its log it only shows:

Aug  8 23:04:01 server177 crond[17486]: (test) CMD (DATADIR="/home/test/domains/test.com/public_html/data/"; STOREFILE="/testcron/cronjobhumor/newmedianame.txt"; OLDNAME=$(head -1 $STOREFILE); NEWNAME="media"$(stat -c

instead of:

DATADIR="/home/test/domains/test.com/public_html/data/"; STOREFILE="/testcron/cronjobhumor/newmedianame.txt"; OLDNAME=$(head -1 $STOREFILE); NEWNAME="media"$(stat -c %Z $DATADIR$OLDNAME); mv $DATADIR$OLDNAME $DATADIR$NEWNAME; echo $NEWNAME > $STOREFILE;

it looks like it stops at the "%"

I might have been confusing, i messed up copying and pasting the code in my previous post, but i edited it just now.

Thanks,
Mark

[V@no]

ok, so the question is: does it rename the directory?

I just checked on my server, in the logs it shows correct (full) command...

P.S. I really dont have anough knowlege or experience with linux, so no much further help I can give with this issue...
if it makes any difference, I tested it via webmin...

[zoomos]

This ia genius way to hot link protect!

The only 404's you would get are the people who are hotlinking the file.. I really hate hotlinkers.. bandwidth is not cheap and regardless what hosting companies say about "unlimited bandwidth" It's a myth!

[mark1491]

I got everything working great! It was my servers fault!  I just had to manually change my crontab file.

Anyways I also think this is the easiest and best form of hot link protection there is for embedded.

Thanks Veno

[Mirwais]

P.S. I forgot to mention, that your method (renaming media folder) will also encrease bandwidth usage, because every time the folder was renamed the visitors will redownload files again

Is it possible to avoid increase of bandwidth??