I am trying to block image hot-linking to some files. I have decided to use modrewrite (enabled).
I have created a .htaccess file below:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.whiteshepherd.net/.*$ [NC]
RewriteRule .*.gif$ - [L]
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.whiteshepherd.net/.*$ [NC]
RewriteRule .*.jpg$ - [L]
It's just not working. Is my syntax correct or am I doing this wrong?
Full Version: Need help with Apache
There is a little tutorial that helped me out
http://websiteowner.info/tutorials/server/...dwidththeft.asp
not sure, but the problem might lie in the RewriteRule
Here's their code.
Hope this helps you
http://websiteowner.info/tutorials/server/...dwidththeft.asp
not sure, but the problem might lie in the RewriteRule
Here's their code.
CODE
Rewriteengine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://your_domain.com/.*$ "NC"
RewriteCond %{HTTP_REFERER} !^http://www.your_domain.com/.*$ "NC"
RewriteCond %{HTTP_REFERER} !^http://www.trusted.com/.*$ "NC"
RewriteRule .*.(gif|GIF|jpg|JPG)$ - "F"
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://your_domain.com/.*$ "NC"
RewriteCond %{HTTP_REFERER} !^http://www.your_domain.com/.*$ "NC"
RewriteCond %{HTTP_REFERER} !^http://www.trusted.com/.*$ "NC"
RewriteRule .*.(gif|GIF|jpg|JPG)$ - "F"
Hope this helps you
QUOTE (WhiteShepherd)
It's just not working. Is my syntax correct or am I doing this wrong?
RewriteRule .*.jpg$ - [L] won't work because there is nothing to rewrite.
The dash ( - ) means there is no file or URL to substitute
The L flag is the last rule so you are substituting .*.jpg$ with nothing.
You can replace L with the F flag to produce a 403 error or you change the dash to a URL and use the L flag with the R redirect flag. Note you can only send another image to the hotlinking site, however, IMHO, it is best to send a 403 error.
Also it is a good idea to use NC not case sensitve flag.
Examples:
RewriteRule .*.jpg$ /bandwidth-thief.jpg [NC,L,R]
RewriteRule .*.gif$ http://domain.tld/thief.gif [NC,L,R]
RewriteRule .*.jpg$ - [F,NC]
I use the following to produces a 403 error. Domain names and image extensions can be any case. For example JPG, jpg, Jpg gIF PnG
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?mydomain.tld [NC]
RewriteRule (.*).(gif|jpg|png)$ - [F,NC]
For SSL sites you will need a RewriteCond for https as well
RewriteCond %{HTTP_REFERER} !^https://(www.)?mydomain.tld [NC]
<added by Doodle>
I forgot to include info about the R flag The examples have been edited to reflect the correct syntax for redirecting to another file
Thanks for the good advice! 
With this example:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?mydomain.tld [NC]
RewriteRule (.*).(gif|jpg|png)$ - [F,NC]
How would i modify this script to allow "anything.mydomain.com" ie www.mydomain.com, forums.mydomain.com, etc while blocking everything else? Can that be done with a wildcard or does each DNS have to have it's own line?
Also would seperate TLD's have their own line or is that better to merge them onto one line (efficiency)? I curious as I'm wondering how much of a hit does this kind of .htaccess have on the server?
Thanks again for all suggestions/insight!
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?mydomain.tld [NC]
RewriteRule (.*).(gif|jpg|png)$ - [F,NC]
How would i modify this script to allow "anything.mydomain.com" ie www.mydomain.com, forums.mydomain.com, etc while blocking everything else? Can that be done with a wildcard or does each DNS have to have it's own line?
Also would seperate TLD's have their own line or is that better to merge them onto one line (efficiency)? I curious as I'm wondering how much of a hit does this kind of .htaccess have on the server?
Thanks again for all suggestions/insight!
QUOTE
How would i modify this script to allow "anything.mydomain.com" ie www.mydomain.com, forums.mydomain.com, etc while blocking everything else? Can that be done with a wildcard or does each DNS have to have it's own line?
You can use a wildcard by repacing (www.) with (.*.) but it is not really advisable because a clever hotlinker can easily take advantage of the wildcard and hotlink to your images by sending a URL like the following
http://otherdomain.com@www.mydomain.com/image.jpg
The bold section is a wilcard match.
You could replace (www.) with ([a-z.-]+) It should work with subdomains. If you have subdomains with numbers and capital letters use the following ([a-zA-Z0-9.-]+)
Alternatively you could use Rewrite rules for each sub-domain and put a separate .htaccess in each sub-domain's directory.
QUOTE
Also would seperate TLD's have their own line or is that better to merge them onto one line (efficiency)? I curious as I'm wondering how much of a hit does this kind of .htaccess have on the server?
Different TLD's will need their own RewriteCond line.
There should be no difference in access times or server load, unless you had hundreds of lines in .htaccess
It's kind of fun to program mod-rewrite so instead of blocking the bandwidth thieves, it serves them an image of your choice instead.
For example, when people steal images from one of my sites, they see a huge ad for my site instead:
**Example Only** No one from this board is stealing my bandwidth!
Nothing like turning a negative (bandwidth theft) into a positive (free advertising).
I wrote a big post about how I did it on WHT if you want to search there.
For example, when people steal images from one of my sites, they see a huge ad for my site instead:
**Example Only** No one from this board is stealing my bandwidth!
Nothing like turning a negative (bandwidth theft) into a positive (free advertising).
I wrote a big post about how I did it on WHT if you want to search there.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.