Discussion About Ways To Avoid Grabbers From Your Site

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Discussion About Ways To Avoid Grabbers From Your Site

    Heya Folks,

    As these days more and more grabbers are becoming popular, its possible you may fall prey to one of those grabber and they might steal your bandwidth as well as your efforts and credit.

    So this topic is to discuss various ways to avoid grabbers grabbing your site. I have gone through few ways and tricks..but none of them is truly foolproof..all of them share your views or ways if you have any.

    1. The most common way everyone of us use is to enable hotlink protection. Doing this most of all would be unable to download our files from any other site. But then these days grabbers are also intelligent and send referrer headers same as our domain, which enables them to download the same files from their site only without any problem.

    2. Other simplest way is to block the culprit server IP, but then the problem is to find out how many sites are using your grabber and they might be hundreds in number.

    3. Even putting our url and site name is pages is of no use..since most of them filter these and replace with their own name and url

    4. One more option is to allow rendering of page only if the referrer is our own domain only, otherwise dont render the page. But then again few phones and browsers dont support html referrers and then grabbers can also fake the referrer.

    5. One of the best option is to use login and session system, under which the page will only open or file will only be downloaded if the user is logged in and proper sessions are maintained. But then most of visitors dont like login systems just to download files and plus intelligent grabbers will be able to bypass this also.

    Share your views friends

    #2
    Originally posted by ViCkSy View Post
    4. One more option is to allow rendering of page only if the referrer is our own domain only, otherwise dont render the page. But then again few phones and browsers dont support html referrers and then grabbers can also fake the referrer.
    this one is not a very good idea because not all browsers send referrer informations.

    another way is to put a captcha image for download page and block in it refferers from different domains.
    Advertise your mobile site for FREE with AdTwirl

    Comment


      #3
      best way is use javascript to set a cookie ....
      The coookie that is set has to be unique eg maybe a combination of time browser and ip and time details eg:
      PHP Code:
      <?
      $data = time().$_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'];
      $encrypted = md5($data);
      ?>
      then set cookie:
      PHP Code:
      <script language="javascript">
      document.cookie =  'downloadcookie=<?=$encrpted?>; expires=Thu, 2 Aug 2001 20:47:11 UTC; path=/'
      </script>
      then later in page
      PHP Code:
      <?
      if($_COOKIE["downloadcookie"]!=md5($data)){
      ?>
      <no script>
      Please Enable Javascript to complete your download
      </no script>
      <?
      if(!isset($_COOKIE["downloadcookie"])){
      echo 'Please enable Cookies to complete your download';
      }
      //maybe log ip address here to know whos trying to grab
      }else{
      echo "<a href="downloadlink">Download</a>";
      }
      ?>

      Comment


        #4
        this one is not a very good idea because not all browsers send referrer informations.

        another way is to put a captcha image for download page and block in it refferers from different domains.
        Yeah its quite good way....but then it might sometimes irritate regular visitors, as no one wants to wait or even post captcha everytime they download something.

        best way is use javascript to set a cookie ....
        Is, the reason we use javascript to set cookies, is that at server while grabbing wont support javascript and hence no cookie will be set? correct me if m wrong..

        Comment


          #5
          yeah curl and getfilecontents dont support javascript making it impossible for the cookie to be set .... and even if cookie is set via curl ... the cookie will be invalid

          Comment


            #6
            Originally posted by something else View Post
            yeah curl and getfilecontents dont support javascript making it impossible for the cookie to be set .... and even if cookie is set via curl ... the cookie will be invalid
            wowww...tats gr8...actually a good technique..
            but m afraid..through this the download pages won't be available in search engines..also many phones (as mine is generally a mobile wapsite) don't support cookies/javascript.. it might create troubles for them
            still overall a good way...

            Comment


              #7
              yeah for mobiles it is a right pain in the @ss ..... some phones dont support javascript ...... many also dont support refferer making gums captcha idea also not work

              its really a question of do you protect your files or do you limit your files from being downloaded..

              even creating a login cant stop curl from grabbing your files.

              i think there is very few phones that dont support javascript and cookies these days

              would be intresting to know what phones dont support javascript
              Last edited by something else; 25.04.11, 12:39.

              Comment


                #8
                yeah almost all modern phones do support javascript and cookies as well...but few too old phones...with lesser memory footprints..or some java based browsers dont support cookies and/or javascript..
                For example opera mini or UCWEB browser, which actually are proxy browsers and serves each content from their own server so basically there is no client side processing capabilities available with these browsers..and hence no javascripts

                Comment


                  #9
                  by looks of things both opera mini and UCWEB support javascript
                  does Opera mini support javascript? - Google Search
                  does UCWEB support javascript? - Google Search

                  Well limited javascript

                  Comment


                    #10
                    lets see...if we have more better ideas...also its troublesome..even to find if there is any grabber of our site or not....

                    Comment


                      #11
                      If someone really wants to grab your files ... they will .... even big sites like youtube cant stop people grabbing there video`s

                      Added after 25 minutes:

                      Another idea would be to limit the number of downloads per IP adresss per day
                      Last edited by something else; 25.04.11, 13:38.

                      Comment


                        #12
                        I have stopped almost all grabbers at xchanger with captcha. And i think its the best way.
                        Advertise your mobile site for FREE with AdTwirl

                        Comment


                          #13
                          Easy to do this

                          $match = $_SERVER['SERVER_NAME'];
                          $to = array("www.yourdomain.tld","yourdomain.tld");
                          foreach("$to as &$match");
                          {
                          Your file here sir!
                          }else{
                          You know your downloading from some one else work so BACK OFF BUDDY!
                          }

                          Sample lol
                          Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
                          Visit: WapMasterz Coming Back Soon!
                          _______
                          SCRIPTS FOR SALE BY SUBZERO
                          Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
                          FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
                          _______
                          Info & Tips
                          php.net
                          w3schools.com

                          Comment


                            #14
                            lol allen this can be escaped by cUrl.

                            Comment


                              #15
                              Or use in session lol

                              hide the links unless server session is a match and this can't be use in anywhere like iframe or curl or get contents
                              Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
                              Visit: WapMasterz Coming Back Soon!
                              _______
                              SCRIPTS FOR SALE BY SUBZERO
                              Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
                              FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
                              _______
                              Info & Tips
                              php.net
                              w3schools.com

                              Comment

                              Working...
                              X