Hide URL download from "internet download manager" eyes? [closed]

It's difficult to tell what is 开发者_运维知识库being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center. Closed 11 years ago.

On a music site, my users listen to music via a player. Please let me know that how can I hide URL download from "internet download manager" eyes on this site? My programming languages are PHP + MYSQL.

---

Laurent's suggestion of temporary URLs is a good one. Much along those same lines, you can use cookies to validate a path only for a short time, keeping some sort of token to access the music that is only valid for a particular song, and only for a particular amount of time.

Something I have seen on other music sites (and this depends on the player) is splitting up the audio data into chunks. Each HTTP request gets another chunk, and the player reassembles. There is overhead with this method though, and it isn't foolproof.

You might also try HTTPS, but not all clients like this. Make sure to validate where the data is coming from so someone doesn't insert a proxy in the middle. This is generally bad practice though.

What you are asking for isn't technically possible. If it can get to the client, it can be reassembled by something. All you can do is make it difficult with these two methods. Of course, it wouldn't take much effort for someone to write software to reassemble those chunks.

You could use other methods, such as encrypting the data. Again though, not 100% foolproof.

---

You can only make saving content from your site more difficult - not impossible. You can also make traditional download managers mostly useless. If your computer can play it, however, there will be a way to capture it, even if it involves plugging the speaker output to a separate audio recording device.

A few approaches that you can use either alone or even together:

• Use single-use or time-restricted URLs - this will mostly guard against hot-linking from external sites

• Use session cookies so that download managers without access to the browser cookies cannot be used.

• Use CAPTCHAs to filter out any automated bots.

• Use a custom streaming protocol and associated player.

• Use encryption - and watch your server CPU load.

Whatever you do, you'd better think very carefully about a few things:

• Whether employing such measures will make your site harder to use, inconveniencing your users.

• Whether you will create compatibility issues that will enrage your (potentially paying) users.

• Whether proprietary streaming protocols are worth the development and maintenance cost, in relation to the abuse that you are seeing.

It all depends on the kind of abuse that you are seeing (or suspect that is happening) and the benefit-to-cost ratio of each approach.

---

You can't do that, the download manager needs to know the URL to be able to download the file.

What you could do instead is generate a single-use URL using PHP, which would mean the URL displayed would be useless after the first download (or after a given amount of time, might be safer to keep the URL alive for say 5 minutes to avoid failed retries)