New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
less agressive "captcha" solution
hello i have a videoplayer which some people do scraping on it and get the video URL directly, i fixed this adding invisible google recaptcha v2 as validation but i get a % of false positive on people using tor or with bad ip reputation in order to complete challenges...
is there any free alternative very easy to complete for humans?
-cloudflare doesn't work-
Comments
I build my own video delivery solution.
Getting the URI of video files is of no use because no existing software can download the video.
https://github.com/yoursunny/NDNts-video
Any captcha solution will fuck over people having bad IP reputation, that’s the whole point of them.
If you don’t want to make it harder for Tor users, basically the worst IPs there are abuse-wise, who exactly do you want to make it hard for?
Nginx
It is based on a Wordpress plugin but
Source: https://github.com/jaapmarcus/nginx-secure-link
I have developed it for a website that had the same issue. The URLs are valid for the TTL you can set. So they can use the url only for xx min
What about people streaming something for long?
How does it stop anyone from scraping and downloading directly?
It doesn't how ever it will prevent user that share the urls directly with other users or posting it on a other website.
Captcha doesn't prevent direct download either. I don't think it can really prevented. But it will stop the hotlinkig issue.
If you setup the TTL to 15 min videos shorter the 15 min are no issues..
I recently signed up somewhere that had a captcha saying "If you are human, do enter nothing in here". If this works indeed, that's really smooth imho.
If I offer a video file for downloaded in it is always download able by the user. If not with browser I can do it with Videolan or via FFMEPG or any online tool.
I have been hosting videos for a few websites and there 4 "problems"
x1. Will be prevented by this system if the TS wants he can also include the ip adress but after xx min the video url will return a 403 message
x2. Won't be prevented but but his method will not either aslong the by cachaca by passes
x3. Include IP or untill it blocks by the invalid of the url after xx min
x4. This is not prevented but the only method To do that is by implement a rate limit / what ever..,
If you want to prevent downloading use a DRM and pay xxxx dollars / month
This is how I solved my issue and any body is able to (ab)use it if they want. And it worked for me and it achieved what I wanted to prevent it