How to prevent downloading and leeching media files

How Do I Stop Hotlinking, Bandwidth Theft, Downloading and Leeching media files?

You can stop downloading / hotlinking / leeching your site’s files using .htaccess in your Apache root or directory. The Apache mod_rewrite must be enabled for this.

The 1st line of the above code begins the rewrite. The 2nd line matches any requests from url. The [NC] code means “No Case”, meaning match the url is not case sensitive. The last line matches any files ending with the extension pdf|zip|gif|jpg|dmg|flv|mp4|mp3|rar have blocked access or 403 error.

Please find more media file extensions here…

You can see access is blocked for some files other are showing here….

Files on FTP….

Here is demo for JWPlayer…

Even you can download files any case you can play that file because it content below code πŸ˜‰

We you try to download media file it will show following access error…

You can block some traffic using server’s firewalls πŸ˜‰

Check your URL, if you see your media load, your media can be hotlinked.

There are actually quite a few reasons to use .htaccess

1. Make URLs cleaner and easier to remember for visitors.
2. Make dynamic pages appear as static for SEO.
3. Security / Protection for PHP sites.
4. Sub-Domain managements……

Demo: How to protect file leeching

The best and most practical way to stop theft is to use a streaming server like Red5, Wowza, FMS etc. HTTP Streaming is very insecure but RTMP / RTSP are best on streaming server πŸ˜‰

Time is nature’s way of making sure that everything doesn’t happen at once. Space is nature’s way of making sure that everything doesn’t happen to you.

How to clean malware from website?

Malware, short for malicious software, is a software designed to secretly access a computer system without the owner’s informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Sucuri SiteCheck is a free & remote scanner. SCAN Website

You have seen above warning many times when you want to browse website using web browsers. This is the warning from search engine bots like Google for website is affected from malwares or viruses. If you still want to access website, it can affect your system or system resources.

Most of times websites are hacked or unauthorized accessed from hackers or cross-site scripting (XSS) or cross-site request forgeries (CSRF).

There may be lot of “holes” in website security that invite hackers to play their game.

The possible HOLES may be:
1. File/Folder permissions
2. Poor authentication for application
3. Cross-Site Scripting
4. Cross-Site Request Forgeries
5. Anti-Virus Software
6. File formats
7. Network “Firewalls/Filters”
8. Shell access & Logs

Please check some link to make web application secure and safe πŸ˜‰

You can review online Virus & Threat Scanner for cleaning malwares & viruses. These softwares are designed to run on your web server and scan your public web files for malicious code.

Google Safe Browsing Tool

Norton Safe Web

You can search for more tools like…
Security Pro | SiteMonitor | IP trap | htaccess | AntiXSS | Check Permissions | KISS FileSafe

If you are running PHP website under Apache & MySQL, make sure file and folder should not be access public. You have to check PHP function’s security for more secure access.

PHP Functions may be used in hacking:
1. file_get_contents()
2. base64_decode()
3. eval()
4. exec()
5. preg_match()
6. gzuncompress()
7. urldecode()
8. error_reporting()
9. shell_exec()
10. setcookie()
11. chmod()
12. is_writable()
13. move_uploaded_file() and copy()


disable_functions = exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source

The above functions can be used by hackers to write malicious code to your files. The malicious code executed using eval() that will execute every run of website. So, disable eval(), file_put_contents(), file_get_contents(), exec() etc. You can check safe_mode in php.ini for disabling shell access πŸ˜‰

Most of the time websites are hacked using file_get_contents(), eval(base64_decode()), urldecode(), include() or iframes.

You can search infected file on web server “/var/www/” using below command:

# grep -iR ‘eval(base64_decode(‘ /web-root
# grep -iR ‘ # grep -iR ‘urldecode(‘ /web-root
# grep -iR ‘file_get_contents(‘ /web-root
# grep -iR ‘exec(‘ /web-root

As soon as infection found, you have to backup all application running on web server, now you have to remove infected files manually or using scanner.
Now all up to you how you can manage your web server more securely…

I’ve found that luck is quite predictable. If you want more luck, take more chances. Be more active. Show up more often. πŸ˜€

Protect website folders by .htaccess

<IfModule dir_module>
DirectoryIndex index.html index.php index.php4 index.php3 index.cgi index.htm index.shtml index.phtml

<IfModule mod_rewrite.c>
RewriteEngine on

RewriteBase /

RewriteCond %{REQUEST_URI} !(css)
RewriteCond %{REQUEST_URI} !(js)
RewriteCond %{REQUEST_URI} !(images)
RewriteCond %{REQUEST_URI} !(videos)
RewriteCond %{REQUEST_URI} !(cache)