Download Protector, Anti Leech

I am intersted in protecting my downloads, like this, please tell me how to do this :
http://rebirth.cdrsoft.cc/script/1030225564%201285395342/cr_qtp60.zip
http://rebirth.cdrsoft.cc/script/1030225580%201096223371/cr_qtp60.zip

The text in bold, is some kind of virtual directory, created after rererer check, random ? How can I do that ? This is ideal, to generate a random directory, so that no one knows the actual location on the server.

that "random directory" is most likely not a physical directory at all, but a session id.

The site probably has an apache rewrite rule to take this URL and pass it into either a mod_perl handler or a PHP, perl or other script, using the session id to track who you are.

Do a search of the apache forum for "mod_rewrite" for ways this can be done.

How about symlink the file into the random directory
Then make a .htaccess file.

Sure. Whatever.

I REALLY don't think that's what that's showing you, though. It would be very inefficient to create random directories and manage them- you'd have a lot of duplicated files and a potential management nightmare as you try to figure what directories you can/can't delete. I really doubt a clueful server admin would let this type of system get implemented.

Using a rewrite rule is the way that stuff like this is normally done- for instance (and this is straight from a production system):

in an httpd.conf virtualhost directive:


will rewrite any request to "http://www.domain.com/page/2343" to
"http://www.domain.com/perl/doc.cgi?rm=show_page&id=2343"

It looks like "page" is a directory, but it's just a flag for a rewrite rule. That's probably what's happening here- the rewrite rule is written to extract the session id and pass it into a script of some sort, and then the id is used as a lookup to determine whether or not a user can gain access to a resource on your server. No directories involved at all.