|
Hotlinking protection?
Can someone give me the code to put in the .htaccess file to prevent direct linking to pics on my domain, from outside of my domain? thanks
|
|
|
can someone just give me the code to put? I'm sure a lot of you use that code already, so please just copy it for me..it should be a simple code
|
You Sir, are LAZY!
|
Apache Rewrite Module
The mod_rewrite Apache module is one of the best tools you can have on your server to help prevent unauthorized sites "hotlinking" your images or other files. Providing that your server has been set up for it, you can use this module for a number of things. To prevent unauthorised use of files and images To hide the real location of files on the server To translate script input from one format to another To redirect the user based on... time of day file they accessed network they are connecting from or anything else that can identify them as part of a "group" of users Preventing Hotlinking The most common use of the RewriteEngine is to limit access to specific file types on the server. To do this, you will need to add some rules and conditions to your .htaccess file so that the server knows what to look for and what to do when it finds requests that don't meet the criteria. When editing your .htaccess file it is recommended that you use Notepad or equivalant to keep the file clean. Remember to upload the file in ASCII mode! Here is a generic version of the code you will want to use. Of course you will need to make changes before it will work the way you want it to; replace all instances of you.com with your own domain name and add or remove file types as you see fit. Rewriteengine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://your_domain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.your_domain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.trusted.com/.*$ [NC] RewriteRule .*\.(gif|GIF|jpg|JPG)$ - [F] How does it Work? It's all very well having the code, but you may be interested to know how it works so that you can have a go at editing it to behave more like you want it to. If you ever want to disable the rules, it is much better to use the Rewriteengine statement to switch them off as opposed to commenting them out or deleting them from your file. The RewriteCond lines tells the server to look for requests with HTTP_REFERER strings that are not empty and that match valid uses of your domain as you define them in the file. The ! at the start of the condition pattern means not, and so negates the result of the pattern that follows it. ^ and $ are special characters used to match the start and the end of the string in question. So the pattern ^http:// would look for strings starting in http:// and gif$ would match strings ending in gif. The sequence .* will match any character for 0 or more times, and so adding it to the start or end of a particular string will allow fuzzy pattern matching of sorts. The [NC] flag at the end of the RewriteCond lines tells the server to ignore the case (no case) while looking for matches. The RewriteRule line tells the server how to deal with the requests that match the condition. In this case it is looking for requests to image files that end in .gif or .jpg (either in all capital letters or all lower case, the options to match are shown in brackets separated by the | character). Note that the . has to be un-escaped by adding a \ in front of it as it is the special character that denotes other characters. When it finds a request that has passed all the conditions and matches the rule, it will rewrite the request with -, although this could just as easily go to a page on your site. Finally the [F] flag tells the server how to respond to the request, in this particular case, it will tell the browser that it is forbidden from retrieving that file. |
Here you go replace the XX's with your numbers
you can also add error 405 and such Oh and don't forget this or it won't work When editing your .htaccess file it is recommended that you use Notepad or equivalant to keep the file clean. Remember to upload the file in ASCII mode! Also hit the enter key after the last line I do 2 myself. AuthUserFile /dev/null AuthGroupFile /dev/null AddHandler server-parsed .html RewriteEngine On RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://yourdomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com:80/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://yourdomain.com:80/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://XXX.XX.XXX.XXX/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://XXX.XX.XXX.XXX:80/.*$ [NC] RewriteRule .*\.jpg$ http://www.yourdomain.com [R,L] RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://yourdomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com:80/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://yourdomain.com:80/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://XXX.XX.XXX.XXX/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://XXX.XX.XXX.XXX:80/.*$ [NC] RewriteRule .*\.gif$ http://www.yourdomain.com [R,L] ErrorDocument 404 http://www.yourdomain.com/ |
Easy,
Just put a piece of tape (sticky side in) over your content directory. This will cause your content to stick in the directory, whle your hotlinkers slip and slide off the directory.. I hope this helped. Love, Me |
Quote:
|
Quote:
much appreciated :thumbsup |
|
Quote:
do i need to place a .htaccess file in every directory? or is it enough to place it in the main directory and it will work for all other directories within the domain? |
Quote:
I usually put it every Dir. because i hot link my banners for one domain. and in my root have a htaccess 2 protect from rippers such as teleport |
Quote:
|
Code:
RewriteEngine on http://www.webpimps.com/scripts/htaccess/ Check out this site.... There is a lot of wrong htaccess info out there. -Ben |
Quote:
|
Quote:
|
btw everyone should have these lines in all their htaccess files.
Code:
RedirectMatch (.*)cmd.exe$ http://stoptheviruscold.invalid$1No need to have a worm download however many K of HTML. -Ben |
| All times are GMT -7. The time now is 05:37 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123