Guys I already asked in a more specialized (within this subject) the following:


Hi guys I am about to ( in some hours) to launch a web with some audio files of lectures of my university/ no copyright thing such. My main concern is having my download links being stolen ( copied) . I would like to provide an easy way ( no captcha, nothing fancy) in which my colleagues (students) could click and download the file but I would not like to have my stuff ripped off.

Any ideas?

Medicine students do not like to fiddle with computers so complex solution would not suit them.

Thanks in advance

Any idea of a simple way to do so? Should not be complex either for me to implement it or for them to download. They must be able to click the hyperlink and wam-bam ( download). BUT I need to make sure they cannot rip me off ( at least in an obvious way)

Special thanks

J

Can you clarify what you mean by being ripped off?

Guys I already asked in a more specialized (within this subject) the following:



Any idea of a simple way to do so? Should not be complex either for me to implement it or for them to download. They must be able to click the hyperlink and wam-bam ( download). BUT I need to make sure they cannot rip me off ( at least in an obvious way)

Special thanks

J


dynamic links ... which expires every 5min?

dynamic links ... which expires every 5min?

that assumes said content can be properly downloaded in 5 mins.
What would be better would an expiration time based explicitly on the size of said file.

that assumes said content can be properly downloaded in 5 mins.
What would be better would an expiration time based explicitly on the size of said file.

good thinking. :up:

My suggestion would be to go a bit more complex with it. Set up a dynamic link that will expire within 30 minutes no matter what size the file is and only allow it to be used from the IP address of the client who the code was generated for. If that link is actually used, increase the expiration dynamically. I think that is closer to the "average" approach utilized by download houses and the such.

Start off by doing the obvious: before allowing the download check the referrer make sure it is you.

Start off by doing the obvious: before allowing the download check the referrer make sure it is you.

Please don't do this. As a downloader, I often find that annoying when I can't get a download to start just because I started it by copying and pasting the link.

only allow IPs from within the uni to access your files.
against hotlinking you can use http referrer checking: if referrer not empy and referrer not "yoursite.com" then deny download
you could use simple http authentication so that students need to know the password which you give them in the course

only allow IPs from within the uni to access your files.
against hotlinking you can use http referrer checking: if referrer not empy and referrer not "yoursite.com" then deny download
you could use simple http authentication so that students need to know the password which you give them in the course

Actually it may be a question of cost than of control of content but I don't know for certain; thus we would need to know before we can evaluate your suggestion.

from what i understand, the op means that his links get passed around to people who are not supposed to have them

hard to imagine bandwidth becoming any issue... unless he is hosting paris hilton's phone recordings or something

Can you clarify what you mean by being ripped off?


Grabbing the urls of the recordings and posting someone else making me pay for the BW involved ( which would cost me money and have less visitors )


dynamic links ... which expires every 5min?


That would be a nice idea although I do not know how to implement such a thing


that assumes said content can be properly downloaded in 5 mins.
What would be better would an expiration time based explicitly on the size of said file.

What I though was of a dynamic link generated for the person who downloads the file (that contemplates his IP and time that the file is being downloaded). It would mean a different link for each visitor and the urls would change every X time ( but will allow the user who is already downloading the file to finish it).


good thinking. :up:

Good point yes, but does not contemplate the perspective I considered which would make the X time idea a good one :)


My suggestion would be to go a bit more complex with it. Set up a dynamic link that will expire within 30 minutes no matter what size the file is and only allow it to be used from the IP address of the client who the code was generated for. If that link is actually used, increase the expiration dynamically. I think that is closer to the "average" approach utilized by download houses and the such.


That what I was trying to express :up::up::up::up: many thanks


only allow IPs from within the uni to access your files.
against hotlinking you can use http referrer checking: if referrer not empy and referrer not "yoursite.com" then deny download
you could use simple http authentication so that students need to know the password which you give them in the course


students DL the recordings from their homes ( we do not have a campus :S). So there is no way to filter Ip's and some people Download files while being abroad ( to be able to be on schedule with classes by listening to them)


I will check on that http referrer.

thanks


Actually it may be a question of cost than of control of content but I don't know for certain; thus we would need to know before we can evaluate your suggestion.

I am more concerned about control rather than cost if I had to choose between one of them ( of course both are variables that concern me quite a lot)


from what i understand, the op means that his links get passed around to people who are not supposed to have them

hard to imagine bandwidth becoming any issue... unless he is hosting paris hilton's phone recordings or something

I would like users to enter my web to have the content downloaded to their computers. I would not like to be the one hosting files for someone who wants to clone my web ( the idea ) and use me as his hoster by linking the recordings uploaded to my server in his web.

I am more concerned about control rather than cost if I had to choose between one of them ( of course both are variables that concern me quite a lot)

Since control is by definition impossible once a group expands past a certain size; I would suggest something easy for parties involved to access but hard for other parties to forge. For example an assigned username and password to the site [emailed directly to them] that automatically revokes once they are no longer in the situation that prompted you to give them access to said media.

Unfortunately once a student is able to use said media; you have lost ALL control [Because there is nothing you can do to stop them from uploading it to some site]

But since you mentioned they are Medical students, using a streaming media service might use more bandwidth, it would appear to be something they can't download or copy [while in reality it would be easy] hence reducing the odds of one of them uploading said media.

Since control is by definition impossible once a group expands past a certain size; I would suggest something easy for parties involved to access but hard for other parties to forge. For example an assigned username and password to the site [emailed directly to them] that automatically revokes once they are no longer in the situation that prompted you to give them access to said media.

Unfortunately once a student is able to use said media; you have lost ALL control [Because there is nothing you can do to stop them from uploading it to some site]

But since you mentioned they are Medical students, using a streaming media service might use more bandwidth, it would appear to be something they can't download or copy [while in reality it would be easy] hence reducing the odds of one of them uploading said media.

I always admire how you contemplate every single and possible scenario. You recall me of a friend here from XS who is a hardcore programmer ( I attributed him that title).

Users will be downloading the files (mp3, not streaming) as my idea is to facilitate them the info so that they can carry it along with them in their mp3 players.

Of course they can DL an upload and host it themselves BUT they would be making quite a boring and tough task as they are a vast amount in different sections.

A solution with password would make no sense as I want to provide a "for dummies solution" as they do not know much about web and a password would add them hassle. I would want an ADDH solution ( like the syndrome I have in which stuff should be hassle free otherwise I frustrate, but this is no longer it in my case ;) ) in which I am not the stupid guy making filehosting for someone who decides to steal my links and make me pay for bandwidth.

How can the dynamic links be applied? Should I use a script? In which direction should I look ( language of it, etc)

Many thanks

if they can figure out facebook [and chances are they can], then logins shouldn't be a problem.

I do not get the facebook example but I found a simple way to mod the htaccess (Forbid linking to files in this dir?) clicked yes and works :P

thanks