hotlink protection technology

Hotlink prevention can be difficult because conventional methods rely on mechanisms which are becoming unpopular with security and privacy concious internet users. It is also true that these mechanisms can be subverted. We have described these methods below and summarised their problems. Ask questions and ensure that your vendor uses reliable methods to implement hotlinking protection.

url rewriting schemes implemented using mod_rewrite that depend on the http-referer header are declining in usefulness. This is caused by the increased number of proxies, firewalls and browsers which send blank, arbitrary or obscured http-referer headers on behalf of the client browser that break the rewriting rules.

ip tracking schemes require large amounts of memory to track connections, are resource intensive, and fail in the presence of proxy servers such as those used by aol.

cookies are also limited in usefulness because of the great numbers of users who turn off cookies or use personal firewalls that drop cookie header transmissions as part of the default install. Additionally, this method requires that every request be interpreted and handled by a scripting engine.

javascript schemes have the same problems as cookies. Furthermore, since the script is in text, it is even easier to manipulate and defeat.

coldlink overcomes these failure modes because it has no dependency on client generated headers or data. It's security mechanisms are completely contained on the server, safe from manipulation by client software.

It automatically issues time sensitive, expiring urls which have been generated using a cryptographically secure method standardised by government security agencies. Completely new random keys are created every 20 seconds and expire every 5 minutes. This allows legitimate users to freely use your site, yet renders hotlinking completely impractical when coldlink is installed on your server.

coldlink also differs from conventional approaches in that it is an independent highly efficient compiled binary module that operates completely independently of any scripts. It offers hotlink protection for any type of file resource including static html; dynamic html from asp, php, and perl scripts; images in .jpg, .jpeg, .png and .gif formats; music in .mp3 format; movies in .wmv, .mov, .mpg, and .mpeg formats and scripts even if the source page is static. This protection is completely transparent, even if the link is used to start streaming media viewers such as windows media player.

coldlink hotlink protection is currently available for: click here to buy
bandwidth protection
bandwidth theft
hotlink prevention

copyright © 2003
all rights reserved

design -
hosted by
microsoft platform specialists
puts hotlinks ...
... on ice