Does anyone have any suggestions on how to prevent users from going straight
to the iipserver and requesting tiles that they could potentially use to
restitch the high-res image back together ? I understand there's a MAX_CVT
configuration variable which allows you to limit the export size of an image,
however it doesn't prevent someone from potentially tiling the image if they
I take it a user couldn't just plug their iipmooviewer into our server due to
cross site scripting, though even that could be bypassed....
Are there any best practices / suggestions out there to prevent this sort of
thing from happening to copyrighted images ?
You seem to have CSS turned off.
Please don't fill out this field.
There's no way to make 100% sure you cannot download tiles. The most secure
way would be to use the watermarking feature to dynamically add a watermark.
Alternatively, you could limit the JPEG compression factor to a level which is
reasonably good, but not that good.
You could also think about using Apache or Lighttpd to filter users that cause
problems or redirect them to watermarked versions. You can also do this with a
proxy cache like Varnish. Filtering can be via IP address blacklists or via
the user agent or referrer string. You should be able to detect many automated
download tools in this way. I've also been thinking of creating a Varnish or
Apache module that will detect sequential tile downloads and ban the user,
which could help also.
Many thanks for the swift response Ruven, I'm particularly keen on the the
sequential tile detection idea... I'll report back with any success we have
with these options.
Sign up for the SourceForge newsletter: