Web Design Forums

mid-ori · 22-10-2004, 11:53

ok, quick question.

if i was to supply a client with a link to a specific target, is their anyway to stop the client giving that link to someone else, so they can view the content on their website. Also is there a way, to stop somebody viewing the source code and taking the link and viewing the content on their site.

Basically i want the link to only work from that specfic website!

Cheers

M

cam · 23-10-2004, 08:49

perhaps i'm misunderstanding, but surely you should be looking more at access control for the content than trying to "hide" links?

mid-ori · 25-10-2004, 05:30

yeah, i've looking at locking down the a streaming server to only accepting connections from particular IP addresses, i hope this is going to work, any other ideas are very welcome

DaiWelsh · 08-11-2004, 13:33

It sounds like you need to protect the content using either HTTP authentication set up on your web server or session cookies controlled through a server-side language such as PHP or ASP. That way only a user with a valid username and password can get at the content. However, there is still no way to stop that user from giving the username and password to someone else.

Options you have:-

authentication: stops random people getting the content, but does not stop user giving non-user their password
IP address restriction: in theory can help but in practice is next to useless as many user shave multiple and/or dynamic IPs while whole blocks of other users will be on same IP.
Check referer: ok for stopping casual linking from other sites, but does not protect against a determined individual gaining access
Time restriction: if this is a temporary access you could make a temporary password, but this is a very complicated system so not worth considering for the average website.

You need to decide what level of security is required and work backwards from there, possibly using a combination of the above. At the end of he day it is not possible to protect anything perfectly and certainly not once it is out there for 'legitimate' users to see. The key is making it sufficiently hard that no one is going to bother, allowing for the real value of what you are protecting.

HTH,

Dai

22-10-2004, 11:53	#1 (permalink)
mid-ori Senior Member Join Date: Oct 2003 Posts: 162	hiding links ok, quick question. if i was to supply a client with a link to a specific target, is their anyway to stop the client giving that link to someone else, so they can view the content on their website. Also is there a way, to stop somebody viewing the source code and taking the link and viewing the content on their site. Basically i want the link to only work from that specfic website! Cheers M

23-10-2004, 08:49	#2 (permalink)
cam vague™ Join Date: Mar 2004 Location: Glasgow Posts: 5,595	perhaps i'm misunderstanding, but surely you should be looking more at access control for the content than trying to "hide" links? __________________ The Blog™ \| TWHF \| Twitter \| LinkedIn

08-11-2004, 13:33	#4 (permalink)
DaiWelsh Registered User Join Date: Mar 2004 Location: Derby, UK Posts: 24	It sounds like you need to protect the content using either HTTP authentication set up on your web server or session cookies controlled through a server-side language such as PHP or ASP. That way only a user with a valid username and password can get at the content. However, there is still no way to stop that user from giving the username and password to someone else. Options you have:- authentication: stops random people getting the content, but does not stop user giving non-user their password IP address restriction: in theory can help but in practice is next to useless as many user shave multiple and/or dynamic IPs while whole blocks of other users will be on same IP. Check referer: ok for stopping casual linking from other sites, but does not protect against a determined individual gaining access Time restriction: if this is a temporary access you could make a temporary password, but this is a very complicated system so not worth considering for the average website. You need to decide what level of security is required and work backwards from there, possibly using a combination of the above. At the end of he day it is not possible to protect anything perfectly and certainly not once it is out there for 'legitimate' users to see. The key is making it sufficiently hard that no one is going to bother, allowing for the real value of what you are protecting. HTH, Dai

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

25-10-2004, 05:30	#3 (permalink)
mid-ori Senior Member Join Date: Oct 2003 Posts: 162	yeah, i've looking at locking down the a streaming server to only accepting connections from particular IP addresses, i hope this is going to work, any other ideas are very welcome

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)