Solved

The best way to restrict access to file using Referrer (iis)

Posted on 2012-03-29
5
2,038 Views
Last Modified: 2012-03-30
Hello.

I have lot of media on my server (video and images).
I want to block the access to the files directly and allow to view the files when there are embed in my  webpage. (for example: www.example.com)

What is the best way to do it?

I am using IIS7.

If it is not possible in IIS7, I would like to hear ideas, how to do it in APACHE. (I can move to apache)
0
Comment
Question by:Aminadav
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 

Accepted Solution

by:
Aminadav earned 0 total points
ID: 37785257
I don't like this website always need to search for answers alone.

To do it,
go to IIS7,  URL Rewrite module.
Create new rule from template, request blocking.
Change it to header "referrer", and doent match text:
"*.example.com/*"
0
 

Author Closing Comment

by:Aminadav
ID: 37785260
I found it alone.
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 37785335
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37785967
hope you're aware that the Referer check is no bullet proof solution
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 37786022
It is one of the easiest to bypass. Another way is to encode the file and then send it byte by byte, which I was working on a finished piece of code when the asker closed the question.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
Lease-to-own eliminates the expenditure of hardware replacement and allows you to pay off the server over time. Usually, this is much cheaper than leasing servers. Think of lease-to-own as credit without interest.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question