SitePoint Sponsor |
|
User Tag List
Results 1 to 9 of 9
Thread: htaccess and hotlinking
-
Oct 21, 2002, 02:04 #1
- Join Date
- Jan 2002
- Posts
- 103
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
htaccess and hotlinking
So, there's this code to put in the .htaccess file to prevent hotlinking:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]
But let's say that I made a deal with a friend and want my friend to be able to hotlink to my images. Just their website, and my website -- and no one else -- linking to my images.
Is this possible? I'd rather not be redundant with 2 directories of the same images each with their own .htaccess files.
-
Oct 21, 2002, 13:19 #2
- Join Date
- Jul 2001
- Location
- Italy
- Posts
- 4,514
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Do you and your friend have a static ip address ?!?
If so you could use:
.htaccess
<FilesMatch "\.(gif|jpe?g|png)$">
order deny,allow
deny from all
allow from your.own.ip.address your.friend.ip.address
</Files>
pippo
-
Oct 22, 2002, 04:56 #3
- Join Date
- Jan 2002
- Posts
- 103
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
That didn't work. I got an internal server error and my geocities account was able to link to those images. Hm.
-
Oct 22, 2002, 05:50 #4
- Join Date
- Jul 2001
- Location
- Italy
- Posts
- 4,514
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Yesterday I tested those rules using:
.htaccess
Code:<FilesMatch "\.(gif|jpe?g|png)$"> order deny,allow deny from all allow from 127.0.0.1 127.0.0.2 </Files>
-
Oct 22, 2002, 11:34 #5
Moved to a more appropriate forum
SeanHarry Potter
-- You lived inside my world so softly
-- Protected only by the kindness of your nature
-
Oct 22, 2002, 11:58 #6
- Join Date
- Aug 1999
- Location
- East Lansing, MI USA
- Posts
- 12,937
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
pippo wouldn't that just deny images to all surfers?
Servers do not just serve images any time an HTML page is requested, they (the images) need to be requested. So Joe Smith browsers over to your site, his copy of IE requests an image, and since his IP address isn't allowed he can't get the image.
This, however, should work:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?hisdomain.com/.*$ [OR]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]Chris Beasley - I publish content and ecommerce sites.
Featured Article: Free Comprehensive SEO Guide
My Guide to Building a Successful Website
My Blog|My Webmaster Forums
-
Oct 29, 2002, 07:00 #7
- Join Date
- Jan 2002
- Posts
- 103
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Thanks aspen, but that didn't work. However, I tried this:
Code:RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?hisdomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC] RewriteRule \.(gif|jpg)$ - [F]
-
Oct 29, 2002, 07:21 #8
- Join Date
- Jul 2001
- Location
- Italy
- Posts
- 4,514
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
CRA,
when using many RewriteCond in cascade they are considered as an AND by default.
Unless you specify in the rewrite flags OR.
So basically what you write can be interpreted as:
IF ( (HTTP_REFERER != '') AND (HTTP_REFERER != 'hisdomain.com') AND (HTTP_REFERER != 'mydomain.com')) THEN
{
// DENY IT
}
pippoLast edited by pippo; Oct 29, 2002 at 07:26.
-
Oct 29, 2002, 07:31 #9
- Join Date
- Jul 2001
- Location
- Italy
- Posts
- 4,514
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
By the way it's better to write:
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^$ [OR]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?hisdomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]
that would be interpreted as:
IF ( (HTTP_REFERER == '') OR (HTTP_REFERER != 'hisdomain.com') AND (HTTP_REFERER != 'mydomain.com')) THEN
{
// DENY IT
}
So when HTTP_REFERER is empty
OR
if HTTP_REFERER is different from hisdomain.com
AND HTTP_REFERER is different from mydomain.com
the images will be denied.
The last rules I wrote should be better than yours,
because you didn't prevent hotlinking when HTTP_REFERER is empty.
Please note that I'm a beginner using RewriteCond in cascade, so suggestions are always welcomed
pippoLast edited by pippo; Oct 29, 2002 at 07:37.
Bookmarks