Bandwidth theft...?

Paul · 12-22-1998, 11:36 PM

Just curious.. how would one keep someone from "live linking" to files etc. on my website? I have someone doing that with midi files.. I tried changing it to play "TAPS" on their website.. then Halloween music (when I know they want Christmas music).. now I am trying obnoxious music.. emails have went unanswered and I am running out of ideas.
Any suggestions?

**Terra** · 12-22-1998, 11:48 PM

*Evil Grin* - Depends if you want to be naughty or nice...

I would use mod_rewrite to try to *adjust* what they receive... It's not 100% foolproof as it would depend on 'referrer' field...

I do this within the Apache server configuration itself...

Nice:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.pumpkindriver.com/.*$ [NC]
RewriteRule .*\.mid$ - [F]

Naughty:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.pumpkindriver.com/.*$ [NC]
RewriteRule .*\.mid$ taps.mid

Above is one of the many slick tricks you can do with mod_rewrite...

In a nutshell:
if other end doesn't send referrer field - do nothing
if other end does send referrer field - test to see if it's a local referrer - if yes do nothing
if no - rewrite any .mid file to taps.mid

--
Terra
sysAdmin
FutureQuest

**Deb** · 12-23-1998, 12:06 AM

p.s.

taps.mid should be something REALLY HUGE in file size... oh if you have a few megs to spare then a 5 meg .mid should help get the point across

[This message has been edited by Deb (edited 12-23-98).]

Zeb · 12-23-1998, 01:01 AM

I am going to ask a related question that I probably shouldnt ask, but the evil grin got my creative juices flowing...Mind you, this is a dont try this at home kids question...but I cant resist. Could you conceivably use mod_rewrite to make that .mid access a ping execution file? (like on hostinvestigator) Then of course that file would specify someones ip add..etc, so that everytime they decided to abscond with files they would get pinged?

Zeb
Living in fantasy land...

**Terra** · 12-23-1998, 02:01 AM

Actually, yes you can... I can *easily* redirect the request to a CGI script...

I've got a *very* hostile EmailSiphon buster that I wrote to protect FutureQuest.net realm (all domains as well)...

Anything that comes in from the various types of EMail address siphons/harvesters out there, I fire this back at them...

I don't like spamming, and this was my little guerilla warfare tactic to curb our customers email addresses ending up on Spam lists...

http://www.futurequest.net/cgi-sys/S.../no-harvest.pl

It doesn't matter what site they hit, or which URL they start at -- if your domain is on FutureQuest, they will not get past this...

Just one of the many things that people just don't know about, that happens behind the scenes with FutureQuest...

--
Terra
sysAdmin
FutureQuest

------------------
www.FutureQuest.net
--The best way to predict the future is by inventing it--

Del · 12-23-1998, 02:48 AM

Quote:

I've got a *very* hostile EmailSiphon buster that I wrote to protect FutureQuest.net realm (all domains as well)...

That's why I love FQuest, y'all actually do stuff to help. The last host I was on said they stopped EmailSiphon from hitting us. Turned out they just added it to the robots.txt file (which, as we all know, emailsiphon ignores...).

I love this place!

------------------
Del
http://www.downinit.com/

Paul · 12-23-1998, 06:25 AM

Thanks for the replies.. I haven't figured out which path I will take, but I'm gonna do "something".. so there.

12-23-1998, 07:13 AM

Quote:

It doesn't matter what site they hit, or which URL they start at -- if your domain is on FutureQuest, they will not get past this...

You mean that many known email-grabbers will get your nice list of broken addresses?

That's a super-cool feature !!! Again, I'm glad to be hosted by FutureQuest.

Do you have more of this useful features that run behind the scenes?

Greetings from Bonn, Germany
Meikel
http://www.tickerland.com
http://www.meikel.com

**Terra** · 12-23-1998, 08:04 AM

Ahhh, the others are fairly boring - you know, mundane sysadmin stuff...

--
Terra
sysAdmin
FutureQuest

Zeb · 12-23-1998, 08:31 AM

terra - -
That was absolutely beautiful!!! I have a superfast connection (t1) and I never thought I would get through that list. That was as good as (and much more legal than) evoking the almighty "ping of death"!

Its beginning to look a lot like christmas..

Zeb