Protecting NON-CF Files with CF
We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm
RE: Protecting NON-CF Files with CF
Then the simple answer is you can't do it. The web server is responsible for getting images, so unless you figure out some way to display images without using the webserver you're up s**t's creek for a full CF solution. You could prob use IIS's integrated security, but then you would need logins for each user. I see cfcontent as your only viable solution. There are many people using it in production, have you done some testing to make sure that it can't handle that load? What about CFMX? Maybe your issues are fixed in that release. Robert Everland III Web Developer Extraordinaire Dixon Ticonderoga Company http://www.dixonusa.com -Original Message- From: JLH All Turbo [mailto:jacob;allturbo.com] Sent: Tuesday, October 29, 2002 9:53 AM To: CF-Talk Subject: Protecting NON-CF Files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting.
Re: Protecting NON-CF Files with CF
Look into cfcontent. In short, basically, hide the files in a non-web accessible directory and then use cfcontent in a CF page to deliver the file to the user. At 09:53 AM 10/29/2002 -0500, you wrote: We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm
RE: Protecting NON-CF Files with CF
Doh... I missed the cfcontent remark from my previous post. You could write some code that would temporary copy the files from a non-web accessible directory to a web accessible directory when people request them. Use a scheduled task to clean out the web accessible directory every half hour or so. That seems like a not ideal solution, but it might work. At 09:56 AM 10/29/2002 -0500, you wrote: Then the simple answer is you can't do it. The web server is responsible for getting images, so unless you figure out some way to display images without using the webserver you're up s**t's creek for a full CF solution. You could prob use IIS's integrated security, but then you would need logins for each user. I see cfcontent as your only viable solution. There are many people using it in production, have you done some testing to make sure that it can't handle that load? What about CFMX? Maybe your issues are fixed in that release. Robert Everland III Web Developer Extraordinaire Dixon Ticonderoga Company http://www.dixonusa.com -Original Message- From: JLH All Turbo [mailto:jacob;allturbo.com] Sent: Tuesday, October 29, 2002 9:53 AM To: CF-Talk Subject: Protecting NON-CF Files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm
Re: Protecting NON-CF Files with CF
I was trying that with cfcontent and it's just destroying the server. coolfusion.com had a solution for me, they had an iauth tag that would take a yes or no from cf and pass a generic l/p to windows if yes and would just shut down if no. but it stopped working. so i'm looking for other solutions. j - Original Message - From: Jeffry Houser [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, October 29, 2002 10:00 AM Subject: Re: Protecting NON-CF Files with CF Look into cfcontent. In short, basically, hide the files in a non-web accessible directory and then use cfcontent in a CF page to deliver the file to the user. At 09:53 AM 10/29/2002 -0500, you wrote: We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
Re: Protecting NON-CF Files with CF
How about giving users direct access to a reduced size image with a water mark in them and then when they purchase an image (I'm assuming that if you're protecting your images because you're selling them) use CFCONTENT to push the real image to the user. The overhead of using CFCONTENT is reduced drastically this way. Otherwise, you need to look at rewrite rules in apache (I believe there is some kind of plug-in for IIS that allows you to do rewrite rules in IIS). Use the rewrite rules to check to see if an image is being accessed via your pages and if its not redirect the offending person back to your home page r the disney homepage, depending on how cruel you're feeling. ;o) Regards Stephen - Original Message - From: JLH All Turbo [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, October 29, 2002 2:53 PM Subject: Protecting NON-CF Files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm
Re: Protecting NON-CF Files with CF
Well we have to protect all the files. JPGs, .MOVs, .MPGs.. everything basically. We're not just selling access to images. :-) J - Original Message - From: Stephen Moretti [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, October 29, 2002 10:18 AM Subject: Re: Protecting NON-CF Files with CF How about giving users direct access to a reduced size image with a water mark in them and then when they purchase an image (I'm assuming that if you're protecting your images because you're selling them) use CFCONTENT to push the real image to the user. The overhead of using CFCONTENT is reduced drastically this way. Otherwise, you need to look at rewrite rules in apache (I believe there is some kind of plug-in for IIS that allows you to do rewrite rules in IIS). Use the rewrite rules to check to see if an image is being accessed via your pages and if its not redirect the offending person back to your home page r the disney homepage, depending on how cruel you're feeling. ;o) Regards Stephen - Original Message - From: JLH All Turbo [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, October 29, 2002 2:53 PM Subject: Protecting NON-CF Files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com
RE: Protecting NON-CF Files with CF
Hi, The problem with cfcontent is that it uses one CF thread per download... So if you have several users downloading large files from you server at the same time, your server will be quickly down (all the CF threads will be taken one by one by the downloads). Most of big download sites use another technique, it seems that they check the authentication through a dynamic page and return a download info page, the download is then fired by a javascript on the client side (so the download is handled by the web server, not the application server). But I still wonder how they handle the security access from the javascript call... Benoit Hediard www.benorama.com -Message d'origine- De : JLH All Turbo [mailto:jacob;allturbo.com] Envoyé : mardi 29 octobre 2002 16:06 À : CF-Talk Objet : Re: Protecting NON-CF Files with CF I was trying that with cfcontent and it's just destroying the server. coolfusion.com had a solution for me, they had an iauth tag that would take a yes or no from cf and pass a generic l/p to windows if yes and would just shut down if no. but it stopped working. so i'm looking for other solutions. j - Original Message - From: Jeffry Houser [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, October 29, 2002 10:00 AM Subject: Re: Protecting NON-CF Files with CF Look into cfcontent. In short, basically, hide the files in a non-web accessible directory and then use cfcontent in a CF page to deliver the file to the user. At 09:53 AM 10/29/2002 -0500, you wrote: We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
Re: Protecting NON-CF Files with CF
iAuth can do this. More information is available on our web site. Regards, -- Howie Hamlin - inFusion Project Manager On-Line Data Solutions, Inc. - www.CoolFusion.com - 631-737-4668 x101 inFusion Mail Server (iMS) - The Award-winning, Intelligent Mail Server Find out how iMS Stacks up to the competition: http://www.coolfusion.com/imssecomparison.cfm - Original Message - From: JLH All Turbo [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, October 29, 2002 9:53 AM Subject: Protecting NON-CF Files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
RE: Protecting NON-CF Files with CF
Howie, This question came up on the CFDJ list, this is the response by I-Lin Kuo: The problem is that CF's application.cfm page will not run unless you actually call a .cfm page. That being said, the following might work (haven't tried it): Configure your webserver to hand off ALL requests to CF -- .doc, .pdf, txt, whatever. You can then have your application.cfm page check to see whether the file being called is a .cfm, in which case it proceeds normally, or another file type. If it's another file type, check authentication and access level and use cfcontent to return the contents. Of course, you're going to have performance issues because you're running all requests through CF, and requests for multiple MB documents are going to eat up RAM, but it's the quickest and easiest solution to the problem with your constraints. This should buy you enough time to come up with a better solution. Hope that helps -Original Message- From: Howie Hamlin [mailto:howie;coolfusion.com] Sent: 29 October 2002 16:23 To: CF-Talk Subject: Re: Protecting NON-CF Files with CF iAuth can do this. More information is available on our web site. Regards, -- Howie Hamlin - inFusion Project Manager On-Line Data Solutions, Inc. - www.CoolFusion.com - 631-737-4668 x101 inFusion Mail Server (iMS) - The Award-winning, Intelligent Mail Server Find out how iMS Stacks up to the competition: http://www.coolfusion.com/imssecomparison.cfm - Original Message - From: JLH All Turbo [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, October 29, 2002 9:53 AM Subject: Protecting NON-CF Files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting.
Re: Protecting NON-CF Files with CF
You mentioned that you do own a copy of AuthentiX. Are you trying to phase out the AuthentiX solution in favor of a CF solution? Or are you looking for a way to integrate CF and Authentix together? -Novak - Original Message - From: JLH All Turbo [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, October 29, 2002 6:53 AM Subject: Protecting NON-CF Files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm
Protecting non CF files with CF
We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Protecting non CF files with CF
Are you using apache? You could probably use CF to write an .htaccess file... -- jon - jon roig senior manager, online production epilepsy foundation phone: 215.850.0710 site: http://www.epilepsyfoundation.org email: [EMAIL PROTECTED] -Original Message- From: JLH All Turbo [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 9:50 AM To: CF-Talk Subject: Protecting non CF files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: Protecting non CF files with CF
Actually we are using IIS. But. we may be able to use Apache.. nothing is set in stone yet... How would we go about doing the HTAccess.? J - Original Message - From: jon roig [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, July 16, 2002 10:36 AM Subject: RE: Protecting non CF files with CF Are you using apache? You could probably use CF to write an .htaccess file... -- jon - jon roig senior manager, online production epilepsy foundation phone: 215.850.0710 site: http://www.epilepsyfoundation.org email: [EMAIL PROTECTED] -Original Message- From: JLH All Turbo [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 9:50 AM To: CF-Talk Subject: Protecting non CF files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Protecting non CF files with CF
Check out this tutorial... This will give you an idea on how do set one up, then you should be able to go from there ans how to get CF to write it... http://faq.clever.net/htaccess.htm Mike -Original Message- From: JLH All Turbo [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 10:40 AM To: CF-Talk Subject: Re: Protecting non CF files with CF Actually we are using IIS. But. we may be able to use Apache.. nothing is set in stone yet... How would we go about doing the HTAccess.? J - Original Message - From: jon roig [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, July 16, 2002 10:36 AM Subject: RE: Protecting non CF files with CF Are you using apache? You could probably use CF to write an .htaccess file... -- jon - jon roig senior manager, online production epilepsy foundation phone: 215.850.0710 site: http://www.epilepsyfoundation.org email: [EMAIL PROTECTED] -Original Message- From: JLH All Turbo [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 9:50 AM To: CF-Talk Subject: Protecting non CF files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH __ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: Protecting non CF files with CF
Got it. Any ideas on how else to do it in IIS and CF? I wish IIS had an authent scheme to look for my cookie and it's content and see that's it there, so let them have access. That'd be nice. J - Original Message - From: Tangorre, Michael [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, July 16, 2002 10:45 AM Subject: RE: Protecting non CF files with CF Check out this tutorial... This will give you an idea on how do set one up, then you should be able to go from there ans how to get CF to write it... http://faq.clever.net/htaccess.htm Mike -Original Message- From: JLH All Turbo [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 10:40 AM To: CF-Talk Subject: Re: Protecting non CF files with CF Actually we are using IIS. But. we may be able to use Apache.. nothing is set in stone yet... How would we go about doing the HTAccess.? J - Original Message - From: jon roig [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, July 16, 2002 10:36 AM Subject: RE: Protecting non CF files with CF Are you using apache? You could probably use CF to write an .htaccess file... -- jon - jon roig senior manager, online production epilepsy foundation phone: 215.850.0710 site: http://www.epilepsyfoundation.org email: [EMAIL PROTECTED] -Original Message- From: JLH All Turbo [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 9:50 AM To: CF-Talk Subject: Protecting non CF files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH __ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Protecting non CF files with CF
AuthentiX... used it before.. How do you go about tracking who downloaded what and how many times etc? AuthentiX is built with an ISAPI filter that overrides Windows NT security model..(Challenge/Response) and creates an Authenticated user, (CGI.Auth_User) gets populated. The other disadvantage... is the session doesnt time out until the use closes his browser. I would still advice CFCONTENT and possibly secure the files somewhere other than wwwroot.. without public access and use CFContent to deliver the files. I am not sure... about the overhead...havent seen anybody mention it. Joe Certified Advanced ColdFusion Developer [EMAIL PROTECTED] -Original Message- From: JLH All Turbo [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 9:50 AM To: CF-Talk Subject: Protecting non CF files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: Protecting non CF files with CF
iAuth can do this. We have versions for IIS and Website. More info and a 60-day demo are on our web site. HTH, -- Howie Hamlin - inFusion Project Manager On-Line Data Solutions, Inc. - www.CoolFusion.com - 631-737-4668 x101 inFusion Mail Server (iMS) - The Award-winning, Intelligent Mail Server Find out how iMS Stacks up to the competition: http://www.coolfusion.com/imssecomparison.cfm - Original Message - From: JLH All Turbo [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, July 16, 2002 9:49 AM Subject: Protecting non CF files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: Protecting non CF files with CF
I'll take a look at it. Thank You, J - Original Message - From: Howie Hamlin [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, July 16, 2002 3:55 PM Subject: Re: Protecting non CF files with CF iAuth can do this. We have versions for IIS and Website. More info and a 60-day demo are on our web site. HTH, -- Howie Hamlin - inFusion Project Manager On-Line Data Solutions, Inc. - www.CoolFusion.com - 631-737-4668 x101 inFusion Mail Server (iMS) - The Award-winning, Intelligent Mail Server Find out how iMS Stacks up to the competition: http://www.coolfusion.com/imssecomparison.cfm - Original Message - From: JLH All Turbo [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, July 16, 2002 9:49 AM Subject: Protecting non CF files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH __ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: Protecting non CF files with CF
If you have any questions please feel free to send me an emaqil directly. Regards, Howie - Original Message - From: JLH All Turbo [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, July 16, 2002 4:00 PM Subject: Re: Protecting non CF files with CF I'll take a look at it. Thank You, J __ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: Protecting non CF files with CF
Usually do not do this, but going to plug iAuth. (Sorry Mike, had to.) We bought it about two months ago for 5 servers because people were linking to the .mov files bypassing CF or HTML. Cost is a lot of money because of the burstable bandwidth. Purchased iAuth and it killed everybody cheating us. And with burstable DS3s, the price for iAuth was worth it. Thanks for a great product... At 03:55 PM 7/16/2002 -0400, you wrote: iAuth can do this. We have versions for IIS and Website. More info and a 60-day demo are on our web site. HTH, -- Howie Hamlin - inFusion Project Manager On-Line Data Solutions, Inc. - www.CoolFusion.com - 631-737-4668 x101 inFusion Mail Server (iMS) - The Award-winning, Intelligent Mail Server Find out how iMS Stacks up to the competition: http://www.coolfusion.com/imssecomparison.cfm - Original Message - From: JLH All Turbo [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Tuesday, July 16, 2002 9:49 AM Subject: Protecting non CF files with CF We have to protect an entire directory and it's subdirectories with CF. We'd like to use CF to process our logins.. but can't have people directly linking to JPGs and MPGs etc under neath.. since CF can't really protect these individual files unless called through a CFM page, we've run into a problem. How can we accomplish this? We DO own a copy of AuthentiX and unfortunately CFContent is not a viable solution. This site will have upwards of 12,000 simultaneous users and CFContent has too much overheard. Thank you! JLH __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: protecting non-cf files
Do you have Apache running on the Media server? I know with apache you can set the access to where it only allows downloads of any file if the http_referer matches. But people can get around that. Another way you can do it is to install some sort of anti-leech script on your streaming media server. There are quite a few good ones out there. Just do a search for anti-leech on google or something. _ steve oliver senior internet developer atnet solutions, inc. http://www.atnetsolutions.com -Original Message- From: Jennifer Knoblock [mailto:[EMAIL PROTECTED]] Sent: Monday, February 25, 2002 3:55 PM To: CF-Talk Subject: protecting non-cf files I'd like to protect some streaming media files for a subscription based service that would be powered by CF. The server that ColdFusion runs on isn't powerful enough to run both the streaming server and the CF server, so the streaming software is on another server. How can I protect the media files with ColdFusion? I figured out that I can restrict access to the html/cfm pages that have links to the media files, but not the media files themselves. Is there any way to do this? Thanks! Jen __ Why Share? Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
protecting non-cf files
I'd like to protect some streaming media files for a subscription based service that would be powered by CF. The server that ColdFusion runs on isn't powerful enough to run both the streaming server and the CF server, so the streaming software is on another server. How can I protect the media files with ColdFusion? I figured out that I can restrict access to the html/cfm pages that have links to the media files, but not the media files themselves. Is there any way to do this? Thanks! Jen __ Why Share? Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: protecting non-cf files
Hi Jen, I asked similar question a while back, although all the files I need to protect are on the same server. Storing the files you want to protect outside the web root and calling them with CFCONTENT seemed to be the best way to go, although it does involve a small processing hit each time. Kay. Jennifer Knoblock [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... I'd like to protect some streaming media files for a subscription based service that would be powered by CF. The server that ColdFusion runs on isn't powerful enough to run both the streaming server and the CF server, so the streaming software is on another server. How can I protect the media files with ColdFusion? I figured out that I can restrict access to the html/cfm pages that have links to the media files, but not the media files themselves. Is there any way to do this? __ Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusiona FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
