What if its more than one game server people are downloading from...
- Original Message
From: Rick Payton <[EMAIL PROTECTED]>
To: Half-Life dedicated Win32 server mailing list
Sent: Friday, October 17, 2008 5:58:23 PM
Subject: Re: [hlds] fast dl abuse
A quick google search returned thi
A quick google search returned this from a forum from 3 years ago, that
seemed to work well enough for me:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^hl2://0.0.0.0:
RewriteCond %{HTTP_USER_AGENT} !^Half-Life\ 2$
RewriteRule ^(.*)$ $1 [F]
I changed the 0.0.0.0 to (x.x.x.x|y.y.y.y) in the .htac
2008/10/18 Donnie Newlove <[EMAIL PROTECTED]>
> It would probably be easier and safe enough to change the url to
> something random every map change or controlled by a timer than having
> one unique url for every joining player. Using a plugin to do this and
> sync up with the web server would sur
Restricting it by referrers will prevent another idiot running a server from
using your url. They can of course forge the referrer but the standard
client won't do that and that's all that matters.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Karl Wecks
2008/10/18 Karl Weckstrom <[EMAIL PROTECTED]>
> You HAVE to restrict access via IP on the webserver itself. Sadly there's
> no other way.
>
> Turning off directory browsing is useless, as they'll find out the path
> anyway. Valve opted to use Internet Explorer as their internal game browser,
> whi
It would probably be easier and safe enough to change the url to
something random every map change or controlled by a timer than having
one unique url for every joining player. Using a plugin to do this and
sync up with the web server would surly be the most elegant way.
On Fri, Oct 17, 2008 at 11
I stand corrected, the most elegant way would of course be to only
allow downloads from hosts that are already connected or connecting to
the game server.
On Sat, Oct 18, 2008 at 1:28 AM, Karl Weckstrom <[EMAIL PROTECTED]> wrote:
> You HAVE to restrict access via IP on the webserver itself. Sadly
You HAVE to restrict access via IP on the webserver itself. Sadly there's no
other way.
Turning off directory browsing is useless, as they'll find out the path anyway.
Valve opted to use Internet Explorer as their internal game browser, which
leverages WININET.DLL.
http://support.microsoft.c
Unfortunately this also shows in the "sv_downloadurl," but yes, that
would limit it quite a bit.
Steve wrote:
> The first thing I would do (which I have already done) is disable
> directory browsing on all those folders.. no reason to let the search
> engines crawl through all your files so they
mines a neat double JD+ice
On 10/17/08, SakeFox <[EMAIL PROTECTED]> wrote:
>
> yeah that would work. Mine was way off...didn't quite think enough...oh
> well its friday time to get some drinks
>
>
> Spencer 'voogru' MacDonald wrote:
> > SetEnvIfNoCase Referer hl2://74\.54\.216\.* AllowDownload
> >
I dont have directory browsing on, so thats ok.
I will look into hta access and let you know how i get on.
cheers guys
pattycake
___
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
http://list.valvesoftware.com/mai
yeah that would work. Mine was way off...didn't quite think enough...oh
well its friday time to get some drinks
Spencer 'voogru' MacDonald wrote:
> SetEnvIfNoCase Referer hl2://74\.54\.216\.* AllowDownload
>
> Order Deny,Allow
>
> Allow from env=AllowDownload
>
> Deny from all
>
>
> -Original
Ok I was wrong in my previous e-mail, I thought it was using the
mod-rewrite command ... referrer ... gotta save this e-mail.
What if you want to allow 2 or more IP's? Would you just double the
AllowDownload line?
mauirixxx
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTEC
Wasn't there a thread a few years ago about using the url rewriting in
apache to solve this?
mauirixxx
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of SakeFox
Sent: Friday, October 17, 2008 11:09 AM
To: Half-Life dedicated Win32 server mailing list
Subje
The first thing I would do (which I have already done) is disable
directory browsing on all those folders.. no reason to let the search
engines crawl through all your files so they can indexed up on google.
> Hi Listy,
>
> I think my fast dl webspace is being leeched.
>
> I can find thousands of
If it's an apache webserver, you can use an htaccess file to limit
referers. I'll post mine when I get home.
Ricky Smith
On Oct 17, 2008, at 4:18 PM, "Patrick Shelley" <[EMAIL PROTECTED]>
wrote:
> Hi Listy,
>
> I think my fast dl webspace is being leeched.
>
> I can find thousands of tf/maps
Assuming you're using apache, just set up something with mod_rewrite
(.htaccess):
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/maps/
RewriteCond %{HTTP_REFERER} !^hl2://123.45.67.89
RewriteRule ^.* / [F]
Replace the map path prefix and server IP as needed. If you have
multiple IPs, use something
The problem is is it's not YOUR server IP that is used to connect. It is
connecting clients IP's.
The best way I can think of is a plugin. OnClientConnect (If run before
downloads start), add the ip to a database, and then use url rewrite and
get a php script to handle the downloads.
Patrick S
you can add a .htaccess file in your directory and put in
Order Allow,Deny
Deny from xxx.xxx.xxx.xxx
Allow from all
http://www.javascriptkit.com/howto/htaccess5.shtml
Patrick Shelley wrote:
> Hi Listy,
>
> I think my fast dl webspace is being leeched.
>
> I can find thousands of tf/maps director
I'm sure someone will chime in with better answers, but off the top of my
head I can think of a couple options for you..
*First*, you could put the fast download directories into a tree that is not
easily guessable by a random person.. tf/maps is pretty obvious to almost
anyone as to what the cont
I agree that it would be nice to have a confirmation message that you
were changing your email, and if the change wasn't warranted that you
would contact Steam's support. That would be nice to have...instead of
this silent stuff.
Jake E wrote:
> Well, they could make it so that it says somethin
SetEnvIfNoCase Referer hl2://74\.54\.216\.* AllowDownload
Order Deny,Allow
Allow from env=AllowDownload
Deny from all
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Patrick Shelley
Sent: Friday, October 17, 2008 4:18 PM
To: HLDS Mail List
Subject: [hl
Hi Listy,
I think my fast dl webspace is being leeched.
I can find thousands of tf/maps directorys to browse and potentially hook
into and use the url in my server.cfg
Is there any way of preventing any connections to my fast dl server other
than my own game server (via IP:port)
Love to all
Pa
Well, they could make it so that it says something like this:
Dear ,
Your email associated with your Steam account has been changed. The changes
will activate in 24 hours. In case you did NOT change your account email,
please log-in to your Steam account at steamcommunity.com and change your
e
But if you lost your original email and want to change it to a new
one, which is probably the number one reason to change email in the
first place, then you are screwed.
On Fri, Oct 17, 2008 at 4:29 AM, bl4nk <[EMAIL PROTECTED]> wrote:
> I just wanted to get word out there so people would be aware
25 matches
Mail list logo