User Tools

Site Tools


en:feature_antihotlink

There are several possible security from hotlinking settings:

  • You can check the referrer;
  • You can sign the URL;

In the signature, you can optionally specify the lifetime, the IP-address (es) for which the signature is valid, and the maximum number of IP-addresses that can use this URL.

  • Now the Cookie can be checked additional (you can choose any name). If its value matches the key value - the request is valid, even if there is no IP binding or no ref (if there is a ref but the values does not match - the request will be rejected). If there is no IP binding, missing the proper coockie will reject the request unless there is a valid ref.

In short - any of these three checks (for the correct IP, coockie or referrer) is enough for the request to be accepted and processed. Hotlink can not fake any of these parameters

en/feature_antihotlink.txt · Last modified: 2017/06/14 10:05 by panda