It seems that jPlayer module has an option to 'Protect audio files from direct downloads': https://www.drupal.org/project/jplayer

For those that are looking to protect their mp3 from being directly downloaded, this seems a good idea.

Or it is possible just to swap out pushtape player and use jplayer instead? how integrated is pushtape player with this distribution?

cheers,

Comments

duvien created an issue. See original summary.

zirafa’s picture

zirafa CreditAttribution: zirafa as a volunteer commented

The pushtape player script was designed to integrate easily with this distribution with minimal configuration.

However, the audio in this distribution is just a filefield, so I don't see why you wouldn't be able to turn off pushtape_player module and use the jplayer module instead. I'd recommend just trying it out and see if it works, though I won't be able to provide much support if it doesn't work out.

Note: I see a bunch of open issues regarding the jPlayer Protect feature, so you might want to test that first to see if it is stable and works on a vanilla Drupal install.

onejam’s picture

onejam CreditAttribution: onejam commented
Status: Active » Closed (won't fix)

Thanks. I'll give it a go.

onejam’s picture

onejam CreditAttribution: onejam commented
Status: Closed (won't fix) » Active

Ok, so jplayer protection doesn't work as it requires private directory.

However, another way is to use .htaccess file placed in the audio directory:

RewriteCond %{HTTP_REFERER} !^http://(www\.)?localhost/ [NC]
RewriteRule \.(mp3|mp3?)$ - [F,NC]

That seems to prevent direct access to the mp3 files in the folder (ie, sites/default/files/audio/) so users cannot download mp3 directly.

Quick question, do you see any issue in using this method?

cheers,

zirafa’s picture

zirafa CreditAttribution: zirafa as a volunteer commented

Wouldn't you want to use a private directory?

For the .htaccess method, my first thought is if the server prevents direct access to the file, the player script may also have trouble playing the file. You'd need some way to give the player script local permission to the file, while denying outside requests.

You could just try this one line in an .htaccess placed in the audio directory:

Require local

This should deny all outside requests to a file, and only grant access from the local server.

https://httpd.apache.org/docs/current/mod/mod_authz_host.html

onejam’s picture

onejam CreditAttribution: onejam commented
Status: Active » Closed (fixed)

That was what i thought too but the mp3s are working fine with pushplayer, with the htaccess directive i've shown you applied.

Thanks for the suggestion. Will also try out your suggestion as well.

Will close this issue as i think it's resolved now.

cheers,