3

I am hosting videos on my website. In my code I link to the path of the video like this.

file: "video/some_random_video.mp4"

This works fine because the location of my .html page and the video folder is in the same directory. Placing the videos here allows anybody to look at the .html source and find the path to where I keep all of my videos essentially allowing them to download them all.

Is it possible to place the videos back a few directories possibly in my root directory such that I can link to them but others cannot have access to them?

This is not working.

file: "./video/some_random_video.mp4"

I am trying to find any way to link to the videos on my server but disable users from checking the source and finding there location.

Any input is appreciated. Thanks!

Biotic
  • 79
  • 1
  • 9
  • I tried using file: "../video/Paintball Madness.mp4" and it still is not working. Maybe JWplayer is the issue. I have it working with the same video in a different location just fine. – Biotic Oct 16 '12 at 20:39
  • Check the page source to see if you have a `base` tag in the head. This will affect all your links so that they might not work as you expect them to. – Stefan Oct 16 '12 at 20:55
  • I do not have a base tag in my head. – Biotic Oct 16 '12 at 21:11

4 Answers4

2

To go backwards thru your directory, you need to use

file: "../../video/some_random_video.mp4"

(two dots, not one)

Optionally, you could try using .htaccess to prevent public access to your video folder

sǝɯɐſ
  • 2,470
  • 4
  • 33
  • 47
  • Are you sure you're going the correct number of directories back? And confirming that your filename is correct? – sǝɯɐſ Oct 16 '12 at 20:37
  • Yes I have confirmed that the file name is correct.I am only trying to go one directory back and then access the video folder in that directory. file: "../video/some_random_video.mp4" – Biotic Oct 16 '12 at 20:51
  • Maybe you would be better off trying the .htaccess method? (see my edit) – sǝɯɐſ Oct 16 '12 at 20:55
  • I read this at the bottom of the page you linked. "The technique discussed here prevents only access to folders as a list of files. It does not prevent access to individual files. If the visitor knows the exact URL or the file is embedded or linked in one of your webpages, it can still be accessed." – Biotic Oct 16 '12 at 21:06
  • Ahh... sorry... try [this one](http://www.kavoir.com/2009/01/htaccess-deny-from-all-restrict-directory-access.html) instead? – sǝɯɐſ Oct 17 '12 at 19:06
0

Try this:

"/video/some_random_video.mp4"

Assuming the video folder is in the root directory.

Kevin Boucher
  • 16,426
  • 3
  • 48
  • 55
0

You can use root-relative urls like Kevin Boucher suggests.

Another option is to use an HTML base tag in the page head:

<base href='http://yoursite.com/'>

Then you can use links like this:

<a href='video/some_random_video.mp4'>Video</a>

In other words, it's as if all your links have your base href prepended.

As an aside, just remember that links in css files files are always relative to the location of the css file - irrespective of whether you use a base tag or not.

Community
  • 1
  • 1
Stefan
  • 3,850
  • 2
  • 26
  • 39
  • Thanks for the input Stefan. This could work but it would still allow somebody to download the files in this directory by directly accessing them. For example I could still navigate to http://mysite.com/video/some_random_video.mp4 and download the video. – Biotic Oct 16 '12 at 21:17
0

using .htaccess would be useful, many solutions exists.

try prevent hotlinking by checking the referer of requests.

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?example.com [NC]
RewriteRule \.(mp4|flv)$ - [F]

Take a look here or here

or passing the files through a PHP file and send them to the output while direct access to the files/folders is denied:

<FilesMatch "\.(mp4|flv)$">
    Order Allow,Deny
    Deny from all
</FilesMatch>
Community
  • 1
  • 1
Hashem Qolami
  • 97,268
  • 26
  • 150
  • 164
  • I tryed the first method you suggested. `RewriteEngine On RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^https?://(www\.)?mysite.net/videos/.*$ [NC] RewriteRule \.(mp4|flv)$ - [F]` This stopped me from directly navigating to the URL so it worked! However it also stopped my video player from being able to access the file. – Biotic Oct 16 '12 at 21:49
  • @Biotic: perhaps [this approach](http://stackoverflow.com/questions/1516779/setting-up-apache-to-serve-php-when-an-mp3-file-is-requested) could be helpful, explained my second plan. – Hashem Qolami Oct 16 '12 at 22:17