smile Posted September 5, 2017 Share Posted September 5, 2017 Hello, I found that this is best remote hotlink protection htaccess script RewriteEngine on RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomainhere [NC] RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomainhere.*$ [NC] RewriteRule \.(gif|jpg|png)$ - [F] I want to be able to allow to show the php file that has an image on another domain using the code <?php readfile("http://mydomainhere.com/myfolder/content.php"); ?> So I tried to include othredomain.com into the htaccess script like this RewriteEngine on RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomainhere [NC] RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomainhere.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://(www\.)?otherdomain [NC] RewriteRule \.(gif|jpg|png)$ - [F] And it seems to work, but should I also include 2 lines like for mydomainhere ? RewriteEngine on RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomainhere [NC] RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomainhere.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://(www\.)?otherdomain [NC] RewriteCond %{HTTP_REFERER} !^http://(www\.)?otherdomain.*$ [NC] RewriteRule \.(gif|jpg|png)$ - [F] I must include in every subfolder or just the /myfolder/ ? Quote Link to comment https://forums.phpfreaks.com/topic/304877-htaccess-hotlink-filter-with-remote-readfile/ Share on other sites More sharing options...
Solution requinix Posted September 6, 2017 Solution Share Posted September 6, 2017 Whoever wrote those didn't quite understand what they were doing. You only need one for a domain. RewriteEngine on RewriteCond %{HTTP_REFERER} !^https?://(www\.)?mydomainhere/ [NC] RewriteCond %{HTTP_REFERER} !^https?://(www\.)?otherdomain/ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule \.(gif|jpg|png)$ - [F]The third line is to allow direct access in the browser, ie. copying and pasting the URL into the address bar directly. Quote Link to comment https://forums.phpfreaks.com/topic/304877-htaccess-hotlink-filter-with-remote-readfile/#findComment-1550827 Share on other sites More sharing options...
smile Posted September 6, 2017 Author Share Posted September 6, 2017 Thank you for reply. I do not want direct access using browser "copying and pasting the URL into the address bar directly". So I need only these right? RewriteEngine on RewriteCond %{HTTP_REFERER} !^https?://(www\.)?mydomainhere/ [NC] RewriteCond %{HTTP_REFERER} !^https?://(www\.)?otherdomain/ [NC] RewriteRule \.(gif|jpg|png)$ - [F] Quote Link to comment https://forums.phpfreaks.com/topic/304877-htaccess-hotlink-filter-with-remote-readfile/#findComment-1550830 Share on other sites More sharing options...
requinix Posted September 6, 2017 Share Posted September 6, 2017 That's a bad decision but yes. Quote Link to comment https://forums.phpfreaks.com/topic/304877-htaccess-hotlink-filter-with-remote-readfile/#findComment-1550831 Share on other sites More sharing options...
smile Posted September 6, 2017 Author Share Posted September 6, 2017 I have a question: 1. My site runs on http, should I also change the https in you code? Quote Link to comment https://forums.phpfreaks.com/topic/304877-htaccess-hotlink-filter-with-remote-readfile/#findComment-1550836 Share on other sites More sharing options...
Sepodati Posted September 6, 2017 Share Posted September 6, 2017 The question mark after the "s" makes it optional. So both http and https are covered. -John Quote Link to comment https://forums.phpfreaks.com/topic/304877-htaccess-hotlink-filter-with-remote-readfile/#findComment-1550838 Share on other sites More sharing options...
smile Posted September 6, 2017 Author Share Posted September 6, 2017 The question mark after the "s" makes it optional. So both http and https are covered. -John Thank you for explanation. Quote Link to comment https://forums.phpfreaks.com/topic/304877-htaccess-hotlink-filter-with-remote-readfile/#findComment-1550852 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.