[Mongrel] Modifying Apache Conf To Block Leachers

Nathan Vack njvack at wisc.edu
Thu Feb 22 14:46:00 EST 2007


If people are stealing MP3s, checking referer won't work. It can be  
trivially spoofed.

You'll need real authentication to stop theft -- either with  
sessions, or HTTP auth.

-Nate

On Feb 22, 2007, at 12:28 PM, Hunter Hillegas wrote:

> We have some MP3s on the site and recently someone has been stealing
> them and basically leaching them from the site, linking to them from
> an off-site location.
>
> I've been trying to modify my Apache conf to check the referrer and
> adjust accordingly as below but no luck. I'm wondering if someone
> else has any suggestions on getting this to work... I would expect
> this to send the user to error.html if the referrer is not the site
> in question but nothing at all happens...



More information about the Mongrel-users mailing list