Jump to content
webgyrl

How To Stop Mp3 File Slurping Sites From Stealing Music Hosted On Serv

Recommended Posts

Hi Everyone!

 

I'm pulling my hair out dealing with thieves! LOL

 

Over Christmas I found out that there are a lot of websites that somehow have crawled my site and are now offering my original music for free or paid downloads on their site as well as streaming and I am not involved in this process, however they are stealing my site bandwidth to do their deeds. They are essentially stealing my music and making profit off of it without my consent in some cases, in others they are just offering free downloads served up on my hosting dime!

 

I was in touch with tech and we seem to have been able to block some of them, but there is one site offering multiple free downloads of my music that I can't seem to block.

 

I have used the IP deny manager to deny their IP and I went back to test and I can still stream and download my music. I've emailed the site to ask to have my music taken off, but surprise, surprise I don't get a reply. I used whois.sc to find out who the site is but they seem to have a private server and I can't contact an abuse department.

 

The villain in question is: http://www.mp3-codes.com/library/search/natalie+brown

 

They seem to be doing this to thousands of artists.

 

How can I block them from doing this or is it not possible to do so?

 

And I know some artist give away their music and there are advocates of this way to promote. I do give some away in certain circumstances. I just think it's horrible for me, the artist who spent the time, money, brain power and creativity to create the intellectual property, to not be a part of that decision process.

 

Thanks to anyone who can help me stop the pilfering!

 

Thanks,

Nat

Share this post


Link to post
Share on other sites

WOW, Nat! I'm so sorry that is happening to you. I'll be watching this thread to see what all the gurus have to say since I've had some files pilfered on my design site that I had to move to a login area for paid customers to access my designs.

Share this post


Link to post
Share on other sites

Hi Marge,

 

Sorry this is also happening to you. It's so very frustrating! I hope someone has an answer. Some of the sites I've been able to block or re-direct to a nice message that encourages people to buy instead of download for free. But this one site is just eluding me in terms of blocking it.

 

Take care,

Nat

Share this post


Link to post
Share on other sites

You could try something like this in a .htaccess file:

 

 

>
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(mp3)$ http://www.google.com [L]

 

 

Replace mysite\.com with whatever your domain name is, make sure you have the \ before the . so for example:

 

yourdomain\.com or yourdomain\.net

 

 

This will then forward any access to .mp3 files to google if the requests are not originating from your website.

 

 

or probably a better way:

 

>
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(mp3)$ - [F]

 

This will send a 403 forbidden header.

Edited by OJB

Share this post


Link to post
Share on other sites

Sorry, I should probably have noted that those rules will prevent direct access to your mp3s FROM EVERYWHERE but your site. Meaning if you have links to your own mp3s on any other site these will no longer work.

Share this post


Link to post
Share on other sites

Hi OJB!

 

Thank you for that workaround using .htaccess!

 

This is what I put in my file

>## Begin Redirect For File Stealers
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?natalie-brown\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(mp3)$ http://www.natalie-brown.com/i-appreciate-you.html [L]
## End Redirect For File Stealers

 

It's funny, now when I got to that site I referenced above, my songs stream but when I go to download my virus alerts go off like mad.

 

Can you test above and go to the first song "Run Away" that shows up in that link I gave you and see if you can stream or download it?

 

Thanks for the help. I hope this does the trick :)

 

Nat

Share this post


Link to post
Share on other sites

Hi Nat, streamed for me but the download link brings up your appreciation page. :)

 

Sucks that people resort to screwing others whether for profit or not.

Share this post


Link to post
Share on other sites

Hi Bruce!

 

Thanks for checking.

 

It's strange because that one file works but some of the others don't. I see two that are hosted on other sites, so I'll have to pull my music from them. But why would that command work for one Mp3 but not all of them?

 

It is really frustrating getting screwed over like this. For a little Indie artist like me every paid download counts. When I see 14K downloads that were given without my permission that could have been a sale it's pretty devastating and a little deflating also. I don't understand why people think that this is OK to do.

 

Thanks so much for the help.

Share this post


Link to post
Share on other sites

OJB

 

Oooops. How would that happen? I have been blocking IPs and ranges of IPs like a mad fool. Should I go and undo all of them and then let you know and you can check again?

 

Thanks,

Nat

 

PS. I can see all my site pages... leading me to beleive your IP is the the range of blocked ones.

Edited by webgyrl

Share this post


Link to post
Share on other sites

OJB,

 

Could this block of rules:

>## Begin Redirect For File Stealers
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?natalie-brown\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(mp3)$ http://www.natalie-brown.com/i-appreciate-you.html [L]
## End Redirect For File Stealers

 

 

Be interfering with this block of rules in the .htaccess file?

>RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://natalie-brown.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://natalie-brown.com$      [NC]
RewriteCond %{HTTP_REFERER} !^http://new2.natalie-brown.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://new2.natalie-brown.com$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.natalie-brown.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.natalie-brown.com$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.new2.natalie-brown.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.new2.natalie-brown.com$      [NC]
RewriteRule .*\.(mp3)$ http://www.natalie-brown.com/i-appreciate-you.html [R,NC]

 

I did some stuff within cPanel. Just want to make sure I'm not doing something that is clashing.

 

I have deleted the deny IP addresses, so check and see if you can access the pages of my site now.

 

Thanks,

Natalie

Share this post


Link to post
Share on other sites

I still receive a 403.

 

 

That larger block of rules does the same as the first one (more or less).

>
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?natalie-brown\.com/ [NC]

 

What that does is tests if the referer to the file being served is from:

 

http://natalie-brown.com

http://www.natalie-brown.com

 

and in fact

 

http://ANYTHINGATALLHERE.natalie-brown.com

 

So that covers all your subdomains. The one thing it doesn't do is cover any directories within those subdomains.

So I would change it to:

 

>
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?natalie-brown\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(mp3)$ http://www.natalie-brown.com/i-appreciate-you.html [R,NC]

 

 

However if you can see your site and I can't then I probably am within your IP block range. No worries :) hahaha.

 

 

Edit: Having just said that I now appear to have access to your site. But I can also download direct from that MP3 site you linked to at the top.

Edited by OJB

Share this post


Link to post
Share on other sites

Hi OJB,

 

I deleted all the blocked IPs.

 

I still am having the issue with that site above and I didn't change my htaccess file. I'm tried to attach my .htaccess file but I don't seem to have permission to do that. Would sending you a PM to mail it help?

 

I'm glad you can see the site. But yeah, wow, this file stealing stuff is getting me down. I think most other sites are blocked out but this one. It's just I don't need another thing to monitor and it's getting to be a headache. LOL

 

Thanks so much for all your help!

Edited by webgyrl

Share this post


Link to post
Share on other sites

Hey

 

 

Feel free to PM me and I can send you my email address and I will have a look over it for you no problem.

 

OJB

Share this post


Link to post
Share on other sites

I just tried downloading from the link you provided in the first post and it seems to be working, forcing a download of your i-appreciate-you.htm file instead.

 

However I noticed that the "I Wonder" track seems to have been uploaded and is downloadable from this site:

 

http://blog.macjams.com/?m=200806&paged=3

 

Not sure if you are associated with this site in any way but its a heads up.

 

 

Also 'You're Mysterious' seems to have found its way onto:

>http://www.fileden.com/files/2009/6/17/2480511/Youre%20Mysterious.flv.MP3.mp3

 

Currently fileden seems to be down for me so I can't access the site or the mp3, but it might be worth seeing if you can contact them and get it removed?

Share this post


Link to post
Share on other sites

I got redirected to fileden.com when I tried OJB´s link above so it can probably not be downloaded/listened to directly through that link.

Share this post


Link to post
Share on other sites

I just tried downloading from the link you provided in the first post and it seems to be working, forcing a download of your i-appreciate-you.htm file instead.

 

However I noticed that the "I Wonder" track seems to have been uploaded and is downloadable from this site:

 

http://blog.macjams.com/?m=200806&paged=3

 

Not sure if you are associated with this site in any way but its a heads up.

 

 

Also 'You're Mysterious' seems to have found its way onto:

>http://www.fileden.com/files/2009/6/17/2480511/Youre%20Mysterious.flv.MP3.mp3

 

Currently fileden seems to be down for me so I can't access the site or the mp3, but it might be worth seeing if you can contact them and get it removed?

 

Yes, I had uploaded I Wonder to MacJams. I'm pulling all my tracks from there as i type this. I hope they get deleted from their database also. I could not access the FileDen link. I wonder if it's gone? I used to go around asking for takedowns on those hosting services, but they never seem to get back to me.

 

It's getting to the point that fighting piracy is a part time job and I'm *supposed* to be doing other things (like making more music for people to setal!). Sheesh.

 

I don't know if this is even worth the fight. Seems people can steal IP if they want to no matter what.

Share this post


Link to post
Share on other sites

Thanks for checking Thomas. Hope you are well :)

Share this post


Link to post
Share on other sites

Natalie,

Another issue looks like you should fix, is prevent directory listing. Login into cPanel go down to the bottom under Advanced section, and click on Index Manager. Click okay to select the default folder. From the folder tree click on your audio folder. On the following screen, choose "No Indexing" radio box and hit okay. Right now if you type in your address pointing to the audio folder, all of the folders and files are shown. This allows anyone to be able to download or access all of the content under this folder.

 

Or you can upload a blank index.html file into all of your subdirectories, so the files are not shown.

 

In regards to using .htaccess, it seems you are on the right track. Check if your audio folder also has a .htaccess file as subdirectories override the one in your webroot.

 

If you can't get it working using .htaccess, you may consider using php and mysql database to handle the process. For I site I am working on, a user can upload a file (ie. image or mp3). The files are uploaded to random folders and added to a database. I use a php script that calls a file id (ie. http://www.natilie-brown.com/mp3/1), checks the user/referrer, gets the file location from the DB, and then streams the file to the browser. It would be very difficult for a user to ever guess the real filename and real directory to hotlink the file.

 

This approach is transparent to the user, and offers a level of authentication.

Share this post


Link to post
Share on other sites

Hi pickupman,

 

Thank you for all that excellent info. I have done the blank index.html to a few directories that I want to protect, but also I have used the Cpanel Index Manager. Thank you very much for pointing that out to me.

 

I find it interesting that the indexing is allowed considering I have a robots.txt file in place that Disallows access to certain directories.

 

Does this mean that the robots.txt file does not work to disallow them? Or is this robots file for some other purpose?

 

I think for now all is working with the .htaccess file. The PHP/MySQL solution is very interesting. How can I get hold of that script with instructions, or is it something you privately developed?

 

I am also looking into a solution that OJB suggested via message regarding using a service like SoundCloud to host the files and I embed a widget. I am trying to find out right now what their level of security is on any Mp3 content uploaded to their site.

 

Thanks again to everyone. This is an excellent primer on protecting certain content on a site and I think it will be useful to others seeking to do the same.

 

Thanks,

Nat

Share this post


Link to post
Share on other sites

I find it interesting that the indexing is allowed considering I have a robots.txt file in place that Disallows access to certain directories.

Natalie,

Glad to see you taking a couple of steps to protect yourself. As for a robots.txt, just prevents a search engine crawling your site/directories. That doesn't mean, someone who knows the url to just type it in. Index listing is default of Apache webserver. If a index.html, index.htm, or index.php is not found, the directory is printed. This can be handy in some cases. I have Apache running on my computer at home. I have password protected a folder, and can login and retrieve any file from that folder.

 

Yes, I wrote the php script myself. Here's a link that outlines the same idea.

MP3 Streaming Script

 

Since you are already using php & mysql running Mambo, you wouldn't need much more to put this into place. Upload files using a script that stores the info in the DB. Use php to create a cookie, check for valid cookie. If cookie is valid, get a file name from the DB, and stream to user.

 

Let me know if you would like some help.

Share this post


Link to post
Share on other sites

 

 

Let me know if you would like some help.

 

Just sent you a PM! Thanks!

Share this post


Link to post
Share on other sites

Just wanted to take a moment out to thank pickupman on the form for all the help with getting a solution for protecting my Mp3 files. That script is a great one Joe, maybe you should consider making it for sale somewhere as a lot of artists would benefit by your work.

 

Thanks again!

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...