-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
You might be able to use the HTTP Referer of the request to determine
whether to show the page or not. We use a similar thing to prevent
direct linking to image content on our site -- we use CF to serve
images via CFCONTENT. The page checks the referer before serving the
image. If the referer is from our server, the user sees the image
and never knows anything is out of the ordinary. If the referer is
missing or is from another site, they get a "You've been bad" kind of
image served to them instead. That image just has text that explains
bandwidth theft and asks the user to report the site they clicked
from to us.
Here's slightly abridged code:
<cfsetting enablecfoutputonly="Yes">
<!--- RefBuster.cfm
Send a full server path (c:\whatever\asb.gif) and this page will
return the image.
Use <img src="RefBuster.cfm?path=c:\whatever\asb.gif">
Remember to give the server's IUSR READ access to the files unless
authentication will
be required.
--ZSB 26-Mar-99
- --->
<cfif CGI.HTTP_Referer CONTAINS Application.RefDomain>
<cfset path=Decrypt(path,Application.PicKey)>
<cfswitch expression="#Right(path,4)#">
<cfcase value=".gif"><cfset ContentType =
"image/gif"></cfcase>
<cfcase value=".jpg"><cfset ContentType =
"image/jpeg"></cfcase>
<cfcase value=".zip"><cfset ContentType =
"application/zip"></cfcase>
<cfdefaultcase><cfset ContentType =
"unknown"><cfabort></cfdefaultcase>
</cfswitch>
<cfheader name="Content-Disposition" value="inline;
filename=""#GetFileFromPath(path)#""">
<cfif IsDefined("path")><CFIF FileExists(path)><cfcontent
type="#ContentType#" file="#path#"></cfif></cfif>
<cfelse>
<cfheader name="Content-Disposition" value="inline;
filename=""BandWidthTheft.gif""">
<cfcontent type="image/gif" file="D:\...\images\BandWidthTheft.gif">
</cfif>
This should be even easier if you're only serving HTML files from
those links. Something like the following stuck at the top of the
protected pages should suffice:
<cfif NOT (CGI.HTTP_Referer CONTAINS "YourDomainNameHere.com")>
<h1>You don't belong here!</h1>
<cfabort>
</cfif>
Hope that's helpful.
Best regards,
Zac Bedell
========================================
Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.
Please include original message in any replies -- I get a
lot of email every day, and I have a REALLY bad memory...
So I don't always remember everything that was said.
Thanks!
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 30, 2000 1:28 AM
> To: CF-Talk
> Subject: IP Address blocking
>
>
> I have a unique problem. I know how to keep folks from linking to
> my pages on my server, but I allow others to also post pages to my
> web servers. Their pages contain links to places I don't want
> folks going to.
> So, I could prevent them from writing their pages on my server, or
> I could search out and mangle such links. However, is there yet a
> sneakier way to let them do their thing, but I make it
> "non-responsive"
> when it gets clicked on? Or could I redirect it to some other
> site? What is the best way to proceed. /spe
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Structure your ColdFusion code with Fusebox. Get the official
> book at http://www.fusionauthority.com/bkinfo.cfm
>
> Archives: http://www.mail-archive.com/[email protected]/
> Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
>
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBOiaM8avhLS1aWPxeEQKZZQCgu3dwOMTdDSPyfncspXevjsFxT6cAoOYF
zjb25p1JJb3HfbaekyZ+FHFP
=Z64M
-----END PGP SIGNATURE-----
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
