Solved

The best way to restrict access to file using Referrer (iis)

Posted on 2012-03-29
5
1,909 Views
Last Modified: 2012-03-30
Hello.

I have lot of media on my server (video and images).
I want to block the access to the files directly and allow to view the files when there are embed in my  webpage. (for example: www.example.com)

What is the best way to do it?

I am using IIS7.

If it is not possible in IIS7, I would like to hear ideas, how to do it in APACHE. (I can move to apache)
0
Comment
Question by:Aminadav
  • 2
  • 2
5 Comments
 

Accepted Solution

by:
Aminadav earned 0 total points
ID: 37785257
I don't like this website always need to search for answers alone.

To do it,
go to IIS7,  URL Rewrite module.
Create new rule from template, request blocking.
Change it to header "referrer", and doent match text:
"*.example.com/*"
0
 

Author Closing Comment

by:Aminadav
ID: 37785260
I found it alone.
0
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 37785335
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37785967
hope you're aware that the Referer check is no bullet proof solution
0
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 37786022
It is one of the easiest to bypass. Another way is to encode the file and then send it byte by byte, which I was working on a finished piece of code when the asker closed the question.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An overview of HIPAA and guidance on this topic that Experts Exchange members can offer.
A customer recently asked me about anti-malware and the different deployment options available for his business. Daily news about cyberattacks, zero-day vulnerabilities, and companies that suffered a security breach made him wonder if the endpoint a…
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now