I am beginning your blog having a located wordpress instance and i must have the ability to stream music utilizing a expensive player on some posts.

However , every player i've found utilizes a simple param to obtain the file url which causes it to be super easy for somebody to locate that url and merely download the file. I understand it's most likely impossible to avoid this altogether, however i a minimum of don't would like it to be apparent.

A server side solution could be implemented when i have full accessibility server.

In the seem of the question, it may sound as if you care more about stopping "hotlinking" in order to save bandwidth.


This link above is a such site, that will explain preventing hotlinking via checking the "referrer" the browser transmits having a http request. Essentially when the user is connecting towards the file from another site that is not "yours" it can replace or provide a mistake message telling the consumer that hotlinking is not permitted.

However do bear in mind the user still can turn to your website, then search with the html and extract your connect to the background music file after which go to download it normally. But this solution should stop "others" from stealing your bandwidth for that music file.

Whenever you download .flv files with expensive they're inside your /tmp/ folder (or whatever your crazy OS ways to use temp data). Most expensive gamers are "vulnerable" for this.

Most expensive music gamers will first send an HTTP request saying "Hey, I would like this file can I've got a token?" This token will be accustomed to authorize the background music download. This causes it to be which means you can't possess some simple to forge get/publish request to download the file, you really need to simulate a protocol interaction which most kids can't do. Most public "hacks" don't make use of a browser, they simply simulate the behaviour of the browser and ignore any "security though obscurity" measures you devote place. Most kids love these downloaders.

Even though it is trivial to decompile most expensive programs an assailant will take a look at network traffic because its a great deal simpler. Tamperdata defeats a method of "transactions". Actually I have not seen a protection system such as this that can not be defeated with Tamperdata. You allow the Expensive player result in the request the token, then your next request a mp3/flv file could be intercepted after which dropped. After that you can replay this request and download the file normally.

This can be a "client side trust" problem and THERE Should Never Be An AnswerBrand New it appears like you will know and you're simply searching for security though obscurity.

There's virtually nothing that you can do to avoid someone installing your file if they demand to.

However obfuscated you are making the delivery mechanism, in the finish during the day the background music needs to be decrypted and performed around the finish-users' machine and from there it is simple enough to capture some way.

This is actually the exact DRM struggle the background music industry has attempted to resolve and ultimately unsuccessful up with the switch-to vanilla MP3 format in many (all?) the internet music stores.

I have solved this by not permitting hot connecting by using this guideline.