[Mongrel] Modifying Apache Conf To Block Leachers

Hunter Hillegas lists at lastonepicked.com
Thu Feb 22 16:28:40 EST 2007

Actually, the minimum of checking is fine - we just want to stop the  
lazy people, not create a secure system to protect these files.

This is content that is available to the world, we just want folks  
grabbing it from our site, not linking in stuff from MySpace, etc..

The technique I'm trying to implement is used often for images and  
the like.

So, given that, anyone have any idea why the checking isn't working?

On Feb 22, 2007, at 11:46 AM, Nathan Vack wrote:

> If people are stealing MP3s, checking referer won't work. It can be
> trivially spoofed.
> You'll need real authentication to stop theft -- either with
> sessions, or HTTP auth.
> -Nate
> On Feb 22, 2007, at 12:28 PM, Hunter Hillegas wrote:
>> We have some MP3s on the site and recently someone has been stealing
>> them and basically leaching them from the site, linking to them from
>> an off-site location.
>> I've been trying to modify my Apache conf to check the referrer and
>> adjust accordingly as below but no luck. I'm wondering if someone
>> else has any suggestions on getting this to work... I would expect
>> this to send the user to error.html if the referrer is not the site
>> in question but nothing at all happens...
> _______________________________________________
> Mongrel-users mailing list
> Mongrel-users at rubyforge.org
> http://rubyforge.org/mailman/listinfo/mongrel-users

More information about the Mongrel-users mailing list