Try it!

See the picture below? It's called demo.jpg.

Right-click on it, select "properties" and check: demo.jpg, right?

Demo image

So now: take a closer look at demo.jpg. Click here, or type it into the title bar. (On Firefox, you can even "View image".) Notice any difference?

But it's the same file, isn't it?

DeLeach FAQ:

This page is for questions of a general nature. For first-line technical support, please see the troubleshooter.

What do I need to run DeLeach?

DeLeach is designed to run as an ISAPI under Microsoft IIS. It will work just fine in any version of IIS above version 4.0.

What scripting language is DeLeach written in?

DeLeach isn't written in any scripting language - it's not a script. That's because it's designed to work in conjunction with (and protect) any scripts you have already used on your website.

It's not a CGI either. It works with - and protects - your existing CGIs.

DeLeach is written as an ISAPI, so it is installed right into the web server itself.

It's written in plain old C - so it's small and fast.

I don't have my own webserver. My website is held on a managed host. How do I use DeLeach?

In order to run DeLeach, it must be installed on the webserver. If you aren't able to administer your webserver, then you won't be able to install or administer DeLeach on your own.

That doesn't mean you can't DeLeach your website, it just means that you're going to have to get your hosting company or systems administrator to set it up for you. Please ask them to contact us - we have special versions of DeLeach which have been developed for commercial hosts and large servers.

What changes do I need to make to my website so it keeps working after I install DeLeach?

None. You can install DeLeach and all your existing websites will continue to work exactly as they did before. No changes whatever.

But, "no change" implies that DeLeach won't be working for you either. In order to get some benefits you'll have to create some directories representing your chosen policies, and then move your sensitive files into them.

Start by creating the _self and _def directories - these policies are guaranteed to work no matter what other configurations you have set.

You can find step-by-step guidance in our Get-started guide.

I've heard about "spoofed headers". Won't they defeat DeLeach?

All browsers provide information to webservers: which program they are, their stored cookies, linkage (or referer) data, and so on. The information is provided to make both browsers and webservers work better, and it gives users a better browsing experience. DeLeach is only one of many programs which use some of this information.

(Not all the information can be spoofed. For example, DeLeach can test the browser's IP address, which cannot be faked.)

Some browsers can be programmed not to report this information, or to mis-report it. And it's true, this kind of mis-reporting will deceive DeLeach - it will serve up the wrong files.

But that doesn't defeat its effectiveness! Programming a browser to lie to a webserver gives a much poorer browsing experience, and so hardly any users do so.

The thing is: it's not really web users that you're concerned about. It's webmasters, who are deep-linking into your website in order to make their site look better at your expense. In order for them to defeat DeLeach - that is, to make sure all their visitors got to see their improved website - they'd have to make sure that all their visitors had set up their browsers to lie. They'd need a message on their website along the lines of "In order to enjoy this website at its best, and to see all our stolen content, please switch off your security settings, and make the following changes: If you're using MS IE 7.0, click..." and so on ad infinitum, for every possible browser. Who would bother?
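To make the header check concrete, here is an added example in C of a Referer-based decision; it is not DeLeach's own code, and the names `decide`, `referer_host`, `allow_empty` and the site `www.example.test` are hypothetical. It decides from the header text alone, which is why a mis-reported Referer gets the wrong file, and it compares the host exactly so that a look-alike host name does not count as same-site.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical outcomes: the real file, or a stand-in served at the same URL. */
enum decision { SERVE_ORIGINAL, SERVE_SUBSTITUTE };

/* Case-insensitive comparison: host names are not case-sensitive. */
static int host_eq(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b)) return 0;
    return *a == *b;
}

/* Copy the host of an absolute URL into out; returns 0 on success. */
static int referer_host(const char *ref, char *out, size_t outlen)
{
    const char *p = strstr(ref, "://");
    size_t n;
    if (p == NULL) return -1;
    p += 3;
    n = strcspn(p, "/?#");                      /* end of the authority part */
    if (memchr(p, '@', n) != NULL) return -1;   /* browsers strip userinfo */
    n = strcspn(p, "/?#:");                     /* drop any :port */
    if (n == 0 || n >= outlen) return -1;
    memcpy(out, p, n);
    out[n] = '\0';
    return 0;
}

/* allow_empty is the policy for requests that carry no Referer at all. */
enum decision decide(const char *ref, const char *own_host, int allow_empty)
{
    char host[256];
    if (ref == NULL || *ref == '\0')
        return allow_empty ? SERVE_ORIGINAL : SERVE_SUBSTITUTE;
    if (referer_host(ref, host, sizeof host) != 0) return SERVE_SUBSTITUTE;
    /* Exact match, not substring: "www.example.test.other.test" must fail. */
    return host_eq(host, own_host) ? SERVE_ORIGINAL : SERVE_SUBSTITUTE;
}

int main(void)
{
    const char *own = "www.example.test";       /* constructed site name */
    printf("same-site=%d other-site=%d no-referer=%d\n",
           decide("http://www.example.test/gallery.html", own, 0),
           decide("http://other.test/page.html", own, 0), decide(NULL, own, 0));
    return 0;
}
```
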

How can DeLeach prevent people republishing my files?

Some unscrupulous webmasters don't deep-link to your files (because, if you're reading your logs, you'll know they're doing it). Some just take a copy of your files, and place the copies onto their own websites. That is, they serve your files from their server. This isn't bandwidth theft (they're providing the bandwidth to download your image), it's copyright theft.

DeLeach can't prevent copyright theft. If you send a file to someone's computer, then you lose control over what they do with it! Flickr, for example, uses some tricks to dissuade people from stealing the pictures they show you, but even those techniques can be bypassed. The only thing that can really prevent people from stealing your files is not to send your files to them in the first place!

But DeLeach can go some way towards limiting copyright theft. By providing explicit deep-link policies, you're implicitly giving permission for others to use specific versions of your images on their websites. You probably don't need them to use your bandwidth to deliver those pictures!

We would strongly advise providing a copyright notice somewhere on your site, describing exactly what your policy is. You can find some suggestions, and more advice here.