«

[BigDaddy]

The reason why I started a new thread for this topic (and didn't attach to the existing 10-page-thread) is that
I basically just wanted to supply a technical guide on how to block the mosw-hotlinking (only).
Maybe it's better to have a new 'slim' thread for this technical discussion.
Please be aware that this should present a solution for all abandonware websites out there, not Abandonia only.
So here we go:

This is how dynamic URLs that depend on your own IP are being generated technically:

The link can be dynamicly created through an .htaccess or Apache. For each click you can check your security settings.

/*** Coding Links ****/
Dynamic URL: http://domain.com/download/some_depend_tem...dfgsdg/game.zip

You create the link with the help of a simple md5 crypting:

<?php
some_depend_temp_name_sdfgsdfgsdfgsdg = md5('word12321' . $_SERVER['REMOTE_ADDR'])
?>


/*** during deCoding Links ****/
Your system checks this:

if ( $temp_part_link == md5('word12321' . $_SERVER['REMOTE_ADDR']) )
//download game

Using this script to link to your gamefiles makes sure that mosw.com can not create a list of valid urls for his surfers.
His downloader software needs such a list to work. The only list of URLs he can create is a list that is
'branded' to his own IP.
Every surfer has a different IP that he can't 'guess in advance' to supply a valid URL to his customers.
Your surfers have no drawbacks from the new link system, they can even keep using download managers.

Okay, so far, so good. The links can and maybe should have a limited lifetime as well.
If you like the approach of this, I can post a script/manual for this as well.

Please let me know if you have questions. Some websites need a different solution but I think in the end we can secure all of you from getting hotlinked. And that's the day when mosw.com has to re-think his business strategy.

BigDaddy

[Data]

mosw uses a download manager which runs on the client pc to downlaod the game
hence the remote address will match in that case.

At least that is what I heard. (the download manager thing) Read on the underdogs homepage/forum oneday

[BigDaddy]

yes, he uses it.

But as I know he stores game-links in one DataBase. He does not get new link every time (for every user).
Thus it must work in such case.

[Data]

on the decoding moment. Do you suggest that the php determines the access to the zip ? using some sort of rule in the .htaccces to pass it through the php file ?
or will the php open the zip and stream it through.

[BigDaddy]

yeah, you are right.
Both ways are good. Select easiest one to implement for yourself.
Stream has limit 512Mb by default as I know. But may be this is enough for you.

[win98]

You've completley lost me. But what ever your purposal is I understand the url changing everyone and then it sounds like a good idea.

[BigDaddy]

You can ask any question you like here or PM me to get this system installed on your website.

[plix]

The big technical hurdle is dealing with the change -- renaming the file will screw with download managers and has the potential to screw up running downloads (depends on the platform and implementation method) for legitimate users.

Something to keep in mind.

[BigDaddy]

Plix,

I have used this system over a year on a website without any problems.
Download Managers will work with this solution.
Honestly I wonder why not more people are REALLY interesting in stopping the hotlinking, it doesn't seem to be such a big issue as it seemed from the posts in that other thread. If you don't want it, you can stop it but nobody wants to start.