IIS users have rather limited options as far as I recall. I'm not sure how the referrer works. All of the rewrite stuff for IIS is a paid for solution, though there is a "light" version which may, or may not do the job.
http://www.helicontech.com/isapi_rewrite/ If you're willing to throw money at the problem, this seems the best solution I could find on google. HTH -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Karl Weckstrom Sent: Saturday, October 18, 2008 6:29 AM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] fast dl abuse What about for IIS servers? :) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Philip Bembridge Sent: Saturday, October 18, 2008 11:54 AM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] fast dl abuse @ Neonicacid: Can I just say that your solution isn't viable, as you have to have the same directory structure as the server also, just log onto any server with fast download and type "sv_downloadurl" into console and it will tell you, The .htaccess way is the way to go ^^ Thread closed? Phil 2008/10/18 Robert Whelan <[EMAIL PROTECTED]> > Would you happen to have an example for us msiis users? > > > > ----- Original Message ---- > From: Tony Paloma <[EMAIL PROTECTED]> > To: Half-Life dedicated Win32 server mailing list < > hlds@list.valvesoftware.com> > Sent: Saturday, October 18, 2008 1:50:36 AM > Subject: Re: [hlds] fast dl abuse > > Voogru and others have already explained how to do this. I don't know why > this thread is still going on with speculation about how to do it. > > When a game client downloads a file from an sv_downloadurl, it submits as > the referrer the game server it is connecting to. This is why limiting > access by referrer works. > > With Apache, as mentioned earlier, you can use this script in a .htaccess > file. > > SetEnvIfNoCase Referer "^hl2://12\.34\.56\..*" AllowDownload > Order Deny,Allow > Allow from env=AllowDownload > Deny from all > > You can insert any regular expression you want to match the referer. This > one will allow all game servers starting with 12.34.56 to use the download > URL. > > Alternatively, use the script mentioned later. > > RewriteEngine On > RewriteCond %{HTTP_REFERER} !^hl2://0.0.0.0: > RewriteCond %{HTTP_USER_AGENT} !^Half-Life\ 2$ > RewriteRule ^(.*)$ $1 [F] > > Again, any regular expression should work. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of DontWannaName! > Sent: Friday, October 17, 2008 8:02 PM > To: Half-Life dedicated Win32 server mailing list > Subject: Re: [hlds] fast dl abuse > > What if its more than one game server people are downloading from... > > > ----- Original Message ---- > From: Rick Payton <[EMAIL PROTECTED]> > To: Half-Life dedicated Win32 server mailing list > <hlds@list.valvesoftware.com> > Sent: Friday, October 17, 2008 5:58:23 PM > Subject: Re: [hlds] fast dl abuse > > A quick google search returned this from a forum from 3 years ago, that > seemed to work well enough for me: > > RewriteEngine On > RewriteCond %{HTTP_REFERER} !^hl2://0.0.0.0: > RewriteCond %{HTTP_USER_AGENT} !^Half-Life\ 2$ > RewriteRule ^(.*)$ $1 [F] > > I changed the 0.0.0.0 to (x.x.x.x|y.y.y.y) in the .htaccess file. While > my client was able to successfully download the map, using a web browser > I was forbidden to view the directory. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Donnie Newlove > Sent: Friday, October 17, 2008 2:05 PM > To: Half-Life dedicated Win32 server mailing list > Subject: Re: [hlds] fast dl abuse > > I stand corrected, the most elegant way would of course be to only > allow downloads from hosts that are already connected or connecting to > the game server. > > On Sat, Oct 18, 2008 at 1:28 AM, Karl Weckstrom <[EMAIL PROTECTED]> > wrote: > > You HAVE to restrict access via IP on the webserver itself. Sadly > there's no other way. > > > > Turning off directory browsing is useless, as they'll find out the > path anyway. Valve opted to use Internet Explorer as their internal game > browser, which leverages WININET.DLL. > > > > http://support.microsoft.com/kb/884931 > > > > As you can see from the above URL, you can download a debug version of > wininet.dll to troubleshoot IE issues. This will reveal absolutely all > details about the transfer, including all paths. It's pointless to try > and obscure your map download url, it simply needs to be restricted by > IP on the webserver. > > > > > > ________________________________________ > > From: [EMAIL PROTECTED] > [EMAIL PROTECTED] On Behalf Of Cc2iscooL > [EMAIL PROTECTED] > > Sent: Friday, October 17, 2008 7:04 PM > > To: Half-Life dedicated Win32 server mailing list > > Subject: Re: [hlds] fast dl abuse > > > > Unfortunately this also shows in the "sv_downloadurl," but yes, that > > would limit it quite a bit. > > > > Steve wrote: > >> The first thing I would do (which I have already done) is disable > >> directory browsing on all those folders.. no reason to let the search > >> engines crawl through all your files so they can indexed up on > google. > >> > >> > >> > >>> Hi Listy, > >>> > >>> I think my fast dl webspace is being leeched. > >>> > >>> I can find thousands of tf/maps directorys to browse and potentially > hook > >>> into and use the url in my server.cfg > >>> > >>> Is there any way of preventing any connections to my fast dl server > other > >>> than my own game server (via IP:port) > >>> > >>> Love to all > >>> > >>> Pat xxx > >>> _______________________________________________ > >>> To unsubscribe, edit your list preferences, or view the list > archives, > >>> please visit: > >>> http://list.valvesoftware.com/mailman/listinfo/hlds > >>> > >>> > >> > >> > >> > >> _______________________________________________ > >> To unsubscribe, edit your list preferences, or view the list > archives, please visit: > >> http://list.valvesoftware.com/mailman/listinfo/hlds > >> > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
