Check Referrer To Prevent Linking Yours From Other Sites

Check Referrer To Prevent Linking Yours From Other Sites

Free Web Hosting, No Ads

Free Web Hosting, No Ads Portal

Free Web Hosting

Welcome Guest ( Log In | Register)

Free Web Hosting, No Ads > CONTRIBUTE > Tutorials

Reply to this topic

Start new topic

Check Referrer To Prevent Linking Yours From Other Sites, Check referrer with Php and Mysql

P0T33n View Member Profile Find Member's Posts	Aug 19 2006, 04:56 PM Post #1
Newbie [Level 1] Group: Members Posts: 17 Joined: 15-July 06 Member No.: 26,645	Check Referrer Using Php To Prevent People Linking To Your Downloads From Other Sites Ever find that found some people are listing items, images and tuts and linking directly to the download url (those that are like my photoshop tutorial.php?id=0), which is a .php to count the number of downloads. To prevent this, you can add a piece of code to the download pages that checks which page referred them to the download page: if it's my domain, it downloads the file normally, if it's not, it will redirect to my home page instead. Important: Not all browsers log referrers, so this won't work depending on the browser the visitor uses and this method can be also bypassed, but it will work for for the major part of visitors. CODE <?php $yoursite = "yoursite.com"; //Your site url without http:// $yoursite2 = "www.yoursite.com"; //Type your domain with www. this time $referer = $_SERVER['HTTP_REFERER']; //Check if browser sends referrer url or not if ($referer == "") { //If not, set referrer as your domain $domain = $yoursite; } else { $domain = parse_url($referer); //If yes, parse referrer } if($domain['host'] == $yoursite \|\| $domain['host'] == $yoursite2) { //Run your dowloading code here normally } else { //The referrer is not your site, we redirect to your home page header("Location: http://yoursite.com"); exit(); //Stop running the script } ?> Hope some one finds this usefull!! Notice from electriic ink: P0T33n, in the future please ensure that your topic titles and descriptions are as descriptive as possible and that you put all your code in [-CODE-] tags. Thank you. This post has been edited by BuffaloHELP: Aug 21 2006, 05:05 AM (list)

Plenoptic View Member Profile Find Member's Posts	Aug 19 2006, 06:06 PM Post #2
Trap Double Mocha Member Group: [HOSTED] Posts: 2,211 Joined: 5-November 05 From: That one place over there... Member No.: 13,830	That is pretty useful I might have to try it sometime. Hopefully I can adjust it to work on all browsers and make it more secure. I would post a comment on the page saying that those who have reached the page from the wrong area can visit the site that way people know the link they got wasn't from the creator of the download or whatever. I can use this for my download system. Nice tutorial. (list)

Dooga View Member Profile Find Member's Posts	Aug 20 2006, 07:41 AM Post #3
Moderator Group: [MODERATOR] Posts: 1,326 Joined: 26-December 04 From: Canada Member No.: 2,940	Referals can be changed, which means that this sometimes doesn't work. (list)

Florisjuh View Member Profile Find Member's Posts	Aug 20 2006, 01:54 PM Post #4
Proud to be hosted Group: Members Posts: 993 Joined: 11-July 04 From: NL Member No.: 75	This is a nice and usefull script, thanks for sharing it. Leeching is a pretty big problem nowadays seeing every website 'hotlinks like hell' while traffic is very important seeing content can be found everywhere nowadays. (list)

Sprnknwn View Member Profile Find Member's Posts	Aug 21 2006, 09:33 AM Post #5
Privileged Member Group: Members Posts: 822 Joined: 6-March 05 Member No.: 4,202	Nice tutorial. I´ll definitely bookmark it, maybe it´ll be useful in the near future. Thanks. (list)

delivi View Member Profile Find Member's Posts	Aug 20 2007, 05:49 PM Post #6
Trap Grand Marshal Member Group: [HOSTED] Posts: 1,298 Joined: 11-January 06 From: Chennai, India Member No.: 16,932	great script, will help a lot in saving the precious bandwidth. (list)

Soby View Member Profile Find Member's Posts	Sep 10 2007, 06:27 AM Post #7
Member [Level 1] Group: Members Posts: 54 Joined: 25-August 07 Member No.: 48,808	What is the file that I want to put on the server is hosted on a different webserver. Can it check referers for that too? (list)

iGuest View Member Profile Find Member's Posts	May 3 2008, 02:21 PM Post #8
Trap Double Mocha Member Group: Members Posts: 2,360 Joined: 21-September 07 Member No.: 50,369	Bad script,very bad. If I put in my reffer : "> ,then this site with this script is vulnerable to XSS -reply by Number.49 (list)

hitmanblood View Member Profile Find Member's Posts	Jun 13 2008, 08:37 PM Post #9
Privileged Member Group: [HOSTED] Posts: 775 Joined: 13-April 07 From: mreža Member No.: 41,558	Well, this is useful script for web statistics but not for the prevention of unwanted download. So you should check it it may be as starting point for some other more secure scripts. But as this script is very easily defeated it is not very secure. So be careful when imposing this script to your site. And another thing I personally never use open source scripts that are widely available for important security parts of my sites. *--this is after edition--* there is also one thing is referral is entered as blank that is as you can make custom user agents then you may be able to enter the site and make it work in unwanted way. This is important fact. This post has been edited by hitmanblood: Jun 13 2008, 08:40 PM (list)