SitePoint Sponsor

User Tag List

Results 1 to 11 of 11
  1. #1
    SitePoint Zealot grantus's Avatar
    Join Date
    Apr 2003
    Location
    TX
    Posts
    120
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    htaccess for a WMV file

    This is my htaccess code that I've been using, and it prevents people from hotlinking my WMV files, but I can't view the WMV file on my site! I have a page that has a WMV file embedded in it, yet it won't play when I use this htaccess:

    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com(/)?.*/.*$ [NC]
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com(/)?.*$ [NC]
    RewriteRule .*\.(gif|jpg|jpeg|bmp|wmv)$ - [F]

    Can anyone help me out here? I want the WMV files to play on my site like normal, but not allow anyone to hotlink the WMV files.

    Thanks.

  2. #2
    Programming Team silver trophybronze trophy
    Mittineague's Avatar
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    17,157
    Mentioned
    190 Post(s)
    Tagged
    2 Thread(s)

    regex

    The conditions are
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com(/)?.*/.*$ [NC]
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com(/)?.*$ [NC]
    (optional in square brackets)
    Not http://[www.]mysite.com[/]anything.anything - case insensitive
    and
    Not http://[www.]mysite.com[/]anything - case insensitive
    These are essentially the same because . is an anything
    (anything.anything is anything)
    RewriteRule .*\.(gif|jpg|jpeg|bmp|wmv)$ - [F]
    forbid any request ending in gif, jpg, jpeg, bmp or wmv

    I am not the best for regex, but the rewrite conditions could be replaced with something like
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !mysite\.com [NC]

  3. #3
    SitePoint Zealot grantus's Avatar
    Join Date
    Apr 2003
    Location
    TX
    Posts
    120
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hmm I tried that, still doesn't work. Any suggestions?

    Thanks.

  4. #4
    Programming Team silver trophybronze trophy
    Mittineague's Avatar
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    17,157
    Mentioned
    190 Post(s)
    Tagged
    2 Thread(s)

    WMV files

    Forgive me for asking the obvious. Did the pages play the WMV files OK before the lines were added to the htaccess file?

  5. #5
    SitePoint Zealot grantus's Avatar
    Join Date
    Apr 2003
    Location
    TX
    Posts
    120
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You mean before I put WMV in the htaccess with [F]? Yeah it played fine. As soon as I put it in, it stops playing all together.

  6. #6
    Programming Team silver trophybronze trophy
    Mittineague's Avatar
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    17,157
    Mentioned
    190 Post(s)
    Tagged
    2 Thread(s)

    htaccess

    I found an example online similar to your first post, except with the empty referrer and without the "minus sign" before the "forbidden".
    Code:
    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com(/)?.*$ [NC]
    RewriteRule .*\.(gif|jpe?g|bmp|wmv)$ [F,NC]

  7. #7
    SitePoint Zealot grantus's Avatar
    Join Date
    Apr 2003
    Location
    TX
    Posts
    120
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Nope, that didn't work either. It lets everything through. So basically the code in my first post blocks everything, but also blocks the wmv from playing on my site (images load okay). I'm guessing that the reason why the wmv file is being blocked has something to do with HTTP_REFERER?

  8. #8
    Programming Team silver trophybronze trophy
    Mittineague's Avatar
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    17,157
    Mentioned
    190 Post(s)
    Tagged
    2 Thread(s)

    WMV files

    It could be that somehow the "player" is considered the referrer.
    I found another example with a minus sign.
    Code:
    Options All
    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
    RewriteRule \.(gif|jpg)$ - [F]
    But more importantly, I've also found an example that uses request uri
    Code:
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?phpground\.net [NC]
    RewriteCond %{REQUEST_URI} \.(mpg|mpeg|avi|wmv|mov|asf|zip)
    RewriteRule .* - [F]
    Maybe the URI syntax will work?
    (gotta love trial and error huh? persistance eventually pays off )

  9. #9
    SitePoint Zealot grantus's Avatar
    Join Date
    Apr 2003
    Location
    TX
    Posts
    120
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Not working either. I was reading somewhere that it's because the media players aren't sending a referer. That's probably it because I've tried pretty much everything! I've tried htaccess code generators too, nothing. Images no problem, just not the wmv files.

    If you have any other suggestions that would be great, you've helped a bunch already, thanks!

  10. #10
    Programming Team silver trophybronze trophy
    Mittineague's Avatar
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    17,157
    Mentioned
    190 Post(s)
    Tagged
    2 Thread(s)

    player referrer values

    The line
    Code:
    RewriteCond %{HTTP_REFERER} !^$
    should include players that don't send a referrer value. I think they must send one, but what it is isn't common knowledge. Maybe it's possible to write a script to get it? It might take some real "hacking around" - Set the server to parse wmv files with PHP, then name the script findPlayerReferer.wmv - for example. Or maybe another way? hmmmm.

  11. #11
    SitePoint Evangelist
    Join Date
    Aug 2005
    Posts
    512
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Error log, access log may give you guys some indications.

    Also, use a CGI that shows all env variables to see the HTTP_REFERER sent by the palyer.

    On unix, it will do. (Set permission to 755).
    Code:
    #!/bin/sh
    echo
    date >>log.txt
    printenv|sort >>log.txt
    tail -50 log.txt
    Name it as set.cgi or anything with CGI, make sure it works by accessing it with a browser,
    and then use a rule like this:
    RewriteRule \.wnv$ set.cgi [L]

    Then see the log.txt
    You may find a hint.
    Freebie/DonationWare: check-these.info
    Custom solutions: Hostwick.com


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •