Abstract Posted October 3, 2006 Share Posted October 3, 2006 Hi all!I'm new on this forum and I registered because I have a question, and can't find help with it, so I post it here.On my website, I activated Hotlink protection, so I made a .htaccess file, with this content:[code]RewriteEngine On# With this line we assure that it will filter only picsRewriteCond %{REQUEST_FILENAME} .*jpe?g$|.*gif$|.*png$ [NC]# Allow blank referrerRewriteCond %{HTTP_REFERER} !^$# Only allow linking from mydomain.comRewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain\.com/ [NC]# If it isn't my domain, display a beautiful 403 error.RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F][/code]Well, for external links it works fine: No site can set an <img> reference to a pic on my website. But... my problem is that I would like to disallow also direct links to pics on my website. I mean, for example, placing a direct URL in the browser to a pic on my domain. Shouldn't this .htaccess I've just posted also block this tries? Because it doesn't. Am I doing something wrong? What should I add to block these accessed too?Thanks a lot for any help! :D Link to comment https://forums.phpfreaks.com/topic/22813-hotlinking-avoid-direct-links-to-my-website/ Share on other sites More sharing options...
Gorf Posted October 3, 2006 Share Posted October 3, 2006 It's in your own comments:[code]# Allow blank referrerRewriteCond %{HTTP_REFERER} !^$[/code]When you type a URL into your web browser directly, there is no referrer set. Thus this Condition is caught if the referrer is NOT (!) blank. Removing the ! should make this work properly.Your best bet though would just to be to create one rule, whereby anything without a referrer from your domain is blocked. I do that for all sorts of stuff like CSS directories, image directories, javascript directories, etc. Link to comment https://forums.phpfreaks.com/topic/22813-hotlinking-avoid-direct-links-to-my-website/#findComment-103467 Share on other sites More sharing options...
Abstract Posted October 4, 2006 Author Share Posted October 4, 2006 Thanx a lot Gorf! I think I have not clear some terms yet.. :-\I just wanted to ask you, what do you exactly mean by creating the rule for blocking everything with a distinct domain of mine? My idea is blocking everything but some .html document, where I put a link to some image (for example, with a <img> tag). Any different URL referencing this image, including direct URL-pasting, should be blocked. It seems it works ok now, but maybe I'm misundertanding something.Thank you again! Link to comment https://forums.phpfreaks.com/topic/22813-hotlinking-avoid-direct-links-to-my-website/#findComment-103973 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.