httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bruno - e-comBR <>
Subject Re: [users@httpd] how to prevent mp3 downloading ?
Date Wed, 08 Apr 2009 12:52:06 GMT
You can difficult it to be downloaded in massive way by automated scripts to
prevent somebody doing massive download if you want.

But, preventing the downloading and allowing it at the same time is
impossible. You have two options: allow or deny.

Allowing the download only for a certain user-agent don't prevent the
downloading. There are many softwares which detects the URLs inserted in
flash files(try to simple download a SWF file and run strings
filename.swf|grep '://'). Then, the software can also try automatically many
user-agents to get it... Or do you think you cannot save YouTube's movies??
(but, of course, it violates their rights, so don't do it)

Back to the topic, you should use a dynamic script which checks for some
"allowing cookie" to let you download it once. This cookie should be
generated in a page loaded before the downloading page. The page which
generates the cookie should ask for typing the content on a image.

downloaded once a time. Of course, there's a cost: HTTP connection errors.
On problems, your visitant will need to go back e do the boring proccess

If you want "less unprotection" you need to pay by it, making your site a
burocratic sheet.


2009/3/23 Brian Mearns <>

> On Mon, Mar 23, 2009 at 6:17 AM, Matus UHLAR - fantomas
> <> wrote:
> > On 20.03.09 16:46, J. Bakshi wrote:
> >> I have a .htaccess ( copied from the some tutorials available in
> >> internet ) to disable site grabbers like wget, curl, httrack etc.......
> >> and I have tested that these tools are not able to download anything
> >> from my site.  nice so far. But If I put the mp3 link available at my
> >> site directly in the browser then browser download the mp3. it is also
> >> true for images. How can I prevent this ?
> >
> > Move them out of DocumentRoot. If the file is availabele via HTTP, it can
> be
> > fetched using HTTP, no matter how you call it.
> > You can only make it harder by checking User-Agent for known strings,
> > clients may not provide it, nor they have to tell the truth.
> > You can make them available only for streaming, but that won't stop form
> > downloading the content too.
> > --
> > Matus UHLAR - fantomas, ;
> > Warning: I wish NOT to receive e-mail advertising to this address.
> > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> > Save the whales. Collect the whole set.
> The closest thing to what you want to do is to actually embed the
> audio data in some way in the flash movie itself and have your flash
> player understand how to parse it and turn it into playback audio.
> This is probably a significant undertaking and ultimately, the audio
> data is still going to client so they can, at worst, record the
> "what-you-hear" stream on their system to an audio file and, at best,
> figure out how to extract the audio data from the flash movie.
> My best suggestion is the same one I would offer to the record
> companies and musicians: if you want people to hear it, give it to
> them unrestricted.
> -Brian
> --
> Feel free to contact me using PGP Encryption:
> Key Id: 0x3AA70848
> Available from:
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:> for more info.
> To unsubscribe, e-mail:
>   "   from the digest:
> For additional commands, e-mail:

Bruno Moreira Guedes <>
e-comBR - Depto. Infra-Estrutura
Fone: (049) 3328-4065

View raw message