Hotlink control Hotlink control
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Hotlink control

Started by ACIDRAIN, December 10, 2005, 06:11:17 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

ACIDRAIN

Not sure how practical this is for general use, but I'd like to see a hotlink-control function in the admin panel, and allow it to be based on groups and/or users.  That way you can prevent your "registered" users from hotlinking, but you can create a new group that allows hotlinking to their uploaded images. 

For those that don't know, hotlinking is when you take the address of an image from one site and use that address to post the image on another site, effectively stealing their bandwidth.  Some admins frown on this, and some don't.

In this case, I have the normal group "registered" and a trusted group, and I would like to allow them hotlinking and force the registered group out of hotlinking ablilty.  However, I am not sure if this can be done in php/mysql, because I believe it is usually an apache function.  But I think if you had (and this is very rough) "if from {MY_DOMAIN} and {USER} is allowed, post {REQUESTED_IMAGE}; else if from {MY_DOMAIN} and {USER} not allowed, post {DISALLOWED_IMAGE}.  With this concept, users/groups could be handled from the admin panel. 

I don't know php, so I couldn't code this or else I'd give it to you guys for another relase or a mod ;).  But if it were dropped in as a feature, I think many admins would enjoy the bandwidth control it offers. 

ACIDRAIN

I just realized I goofed on the original exmaple....

edited:
if from {MY_DOMAIN} to {EXTERNAL_DOMAIN} and {USER} is allowed, post {REQUESTED_IMAGE}; else from {MY_DOMAIN} to {EXTERNAL_DOMAIN} and {USER} not allowed, post {DISALLOWED_IMAGE}

else if from {MY_DOMAIN} to {MY_DOMAIN}, allow all

The last statement would allow subdomain access for everyone, in other words in-house transfers (from galleries.x.com to forums.x.com).