Is there a way to monitor who downloads what off my website?

Phate

Phate

Phate

Caporegime
Joined
1 Nov 2003
Posts
35,691
Location
Lisbon, Portugal
As title really.

I run a photography website, and naturally I'm a little concerned about my work being used without my knowledge.

Can anyone offer any insight as to how (if I can) can I tell if people are downloading from my site?

Thanks.

Jacob.
 
Personally I don't see how it can be done, especially in what you do.

If you had wrote a program, or was offering a font, zip, exe or anything else then it would be a piece of cake, but your work is 'probably' JPEG's which are part of the website itself.

You 'could' offer the DNG (If you offered them) and of course monitor those as they aren't part of the original webpage, and another alternative would be to have each photograph on it's own dedicated page and your webstats would show what page people are visiting.

But I just don't see how you could monitor a 'right-click' and 'save' over a picture, unless it was some kind of sophisticated hack (similar to those right-click disabled scripts) that behind the scenes updates a counter.

Of course I'd love to be proved wrong as it would be interesting to see but I think you're out of luck Phate.
 
You can use a program such as awstats to analyse the log files generated by your site - this is assuming you own the server which hosts your site. It will create pretty charts and the like showing statistics of all your visitors.
 
paulhuk2 said:
You can use a program such as awstats to analyse the log files generated by your site - this is assuming you own the server which hosts your site. It will create pretty charts and the like showing statistics of all your visitors.
Click to expand...

cool :)

My server is with register1.net - i ftp into it, can I use it still?
 
you can, but you'd have to set it up yourself.

you could do an ajax request that submitted details about a user every time they right clicked on your image - though this wouldn't work with people who have javascript disabled (very small percentage), it'd be a very unobtrusive way of doing it. the event handler you're looking for is oncontextmenu.

this would also be relatively pointless, as you'll only be able to log IP addresses and that isn't going to be very useful for you. Once you've got a list of IPs of people who've downloaded your picture, what are you going to do with it? There's no way to pair that up to a person without breaching data protection and whatnot.

it'd be interesting to see which are your most-downloaded photos though.
 
whitecrook said:
Uhhhh when people VIEW your site they are downloading... You can't stop people downloading you images.
Click to expand...

Yes, but you can't download it to your computer easily without either visiting the image directly (which can be disabled) or right clicking the image, which as i've shown can be tracked. Sure, you can print screen, but that's a bit of an annoying way to do it anyway!

I've noticed that you're using flash for your site, phate. My suggestion won't work with flash. Unless you're planning a redevelopment, i haven't got a clue how to help!
 
Sic said:
Yes, but you can't download it to your computer easily without either visiting the image directly (which can be disabled) or right clicking the image[snip]
Click to expand...

...or just looking in your IE/Firefox image cache. Viewed image (by definition) equals downloaded image.

:)

Steg. + watermark is the only practical way of protecting digital image rights, unless you prefer the "ultra-low res/poor quality" route, but then people can't see the true wonder and glory of your talent.

:)
 
Mr^B said:
...or just looking in your IE/Firefox image cache. Viewed image (by definition) equals downloaded image.

:)
Click to expand...

I'm not arguing that it can be done, i'm just saying that Joe Public wouldn't know to do it
 
If i was in your situation i would provide untouched thumbnail images. Upon clicking for a higher res image they get a different version with a blatant watermark across it with the words "Members Only" or something.

If users wanted to view the unspoiled images, they would have to sign up. Make the sign up simple but use e-mail verification. As each person signs in, write their session ID to a dedicated field in a table for that user. Depending on the web server the session ID would get recorded in the logs.

You could get more advanced and create logs for each user of what images they have accessed. Moreso you could possibly encode a unique variable in to each high res image on the fly as it downloads for that user. If you ever spot the image elsewhere you could open it up in a hex editor or your own tool and locate exactly where the variable would have been placed and then link that to the user. I am guessing you could easily insert things in to the raw data without causing a problem for the image to be displayed. Most likely somewhere in the header, the same way camera type/settings can be encoded in to images.

This would be fairly complicated to do, but it would be doable. Since you have a valid e-mail you know their e-mail is correct and then give them some stick!

Depends how advanced you wanted to get really. Even if you did all that with the encoding of the image, you only have an e-mail address to go on. Then you have the problem with users who can't be bothered to sign up, especially if its a personal web site with a few dozen images.
 
I'd have all my images coming via a php script.

E.g. a thumbnail would be from image.php?id=105&size=thumb, a fullsize would be from image.php?id=105&size=fsize.

then if size=thumb;
- look up image ID from database to find its actual URL
- load up the image, use php to output the image (so the image source is actually image.php?id=105&size=thumb

if size=fsize
- look up image ID from database to find its actual URL
- see if the user is a logged in user
- - if logged in, load up image and output via php, log the fact this user has view this photo
- - if not logged in, load up the image and write something such as "please log in to view photographs without obstruction" a fair few times in the centre, log the users IP address if you wish

so then only logged in users could view full photos and you'd have it logged, an no users would get the actual URL of your photos :)
 
Any idiot can use printscreen, and when they save the image it will destroy the digital watermark. There isn't anything you can do really. If someone was really serious they would just log in using an annonymous proxy as well.
 
The only way to stop people stealing your images is not to put them on the internet.

I'd watermark them, on a diagonal, and then use small image sizes, say 400px x 200px or something.

If you use Gallery2, then there's a watermark module that does all the hardwork for you: you design a transparent png with your watermark and then every image you upload it automatically layers on the watermark.

but I see you use simpleviewer
 
whitecrook said:
security through obscurity = pointless
Click to expand...

it's not really security in this case, is it? I did state in my original post that it wasn't a catch-all solution. bottom line is that if someone wants the guy's photos, but he doesn't want them to be had, then they shouldn't be on the internet. There is no fool-proof way to do this, as I also said. however, that statement just seems like you're trolling, so I won't dignify it with anymore of a response
 
Sic said:
it's not really security in this case, is it? I did state in my original post that it wasn't a catch-all solution. bottom line is that if someone wants the guy's photos, but he doesn't want them to be had, then they shouldn't be on the internet. There is no fool-proof way to do this, as I also said. however, that statement just seems like you're trolling, so I won't dignify it with anymore of a response
Click to expand...

lol whatever.

I like how you disagree, and then agree with me over the course of a few posts, and then accuse me of trolling. Nice one.

Of course it's not really security - that is my point! By definiation if you put stuff on the web to view, you can't then stop people viewing it (and then using it eleswhere)

The way to detect this is as has been mentioned, steg.

The way to prevent this, is as has been mentioned, to heavily obscure / watermark images which means people won't want to use them.
 
You must log in or register to reply here.
Back
Top Bottom