Jump to content


This topic is now archived and is closed to further replies.


Hotlinking - Avoid direct links to my website

Recommended Posts

Hi all!

I'm new on this forum and I registered because I have a question, and can't find help with it, so I post it here.

On my website, I activated Hotlink protection, so I made a .htaccess file, with this content:

[code]RewriteEngine On

# With this line we assure that it will filter only pics
RewriteCond %{REQUEST_FILENAME} .*jpe?g$|.*gif$|.*png$ [NC]

# Allow blank referrer
RewriteCond %{HTTP_REFERER} !^$

# Only allow linking from mydomain.com
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain\.com/ [NC]

# If it isn't my domain, display a beautiful 403 error.
RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F][/code]

Well, for external links it works fine: No site can set an <img> reference to a pic on my website. But... my problem is that I would like to disallow also direct links to pics on my website. I mean, for example, placing a direct URL in the browser to a pic on my domain. Shouldn't this .htaccess I've just posted also block this tries? Because it doesn't. Am I doing something wrong? What should I add to block these accessed too?

Thanks a lot for any help! :D

Share this post

Link to post
Share on other sites
It's in your own comments:

[code]# Allow blank referrer
RewriteCond %{HTTP_REFERER} !^$[/code]

When you type a URL into your web browser directly, there is no referrer set.  Thus this Condition is caught if the referrer is NOT (!) blank.  Removing the ! should make this work properly.

Your best bet though would just to be to create one rule, whereby anything without a referrer from your domain is blocked.  I do that for all sorts of stuff like CSS directories, image directories, javascript directories, etc.

Share this post

Link to post
Share on other sites
Thanx a lot Gorf! I think I have not clear some terms yet..  :-\

I just wanted to ask you, what do you exactly mean by creating the rule for blocking everything with a distinct domain of mine? My idea is blocking everything but some .html document, where I put a link to some image (for example, with a <img> tag). Any different URL referencing this image, including direct URL-pasting, should be blocked.

It seems it works ok now, but maybe I'm misundertanding something.

Thank you again!

Share this post

Link to post
Share on other sites


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.