Need help checking some hotlinking rules

Linda_A · November 15, 2011, 4:41pm

I’m having some issues with rewrites for blocking hotlinking of images under certain conditions and I was wondering if anyone could take a look at what I’ve got so far and whether that’s the best approach:



RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\\.)?mysite1.com/.*$		[NC]
RewriteCond %{HTTP_REFERER} !^http://(www\\.)?mysite2.org/.*$			[NC]	
RewriteCond %{REQUEST_URI}  !^/?Special/Directory/				[NC]		
RewriteRule \\.(gif|jpg|png|mp3)$    -						[F,NC,L]

RewriteCond %{HTTP_REFERER} ^http://(.+\\.)?bannedsite1\\.com/			[NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\\.)?bannedsite2\\.com/				[NC]
RewriteRule \\.(gif|jpg|png|mp3)$    -						[F,NC,L]

Alright, this is what I am trying to do:

First, allowing direct access.
Allowing linking from mysite 1 & 2.
Allowing all images in Special/Directory to show up anywhere since they are included on various aggregated feeds.
Blocking bannedsite 1 & 2 even from Special/Directory

rpkamp · November 15, 2011, 5:21pm

Yes that looks fine to me. The only thing I would change (and I’m nitpicking here) is to replace /.*$ at the end of the RewriteConds in the first block by just /. Since you don’t care what’s there, there’s no need to match it. Oh, and you forgot to escape the dot in .com and .org in those RewriteConds
I believe that technically you don’t need to put [L] on those rules since [L] is implied by [F], but it doesn’t hurt either so I’d just leave them.

HTH

Topic		Replies	Views
Preventing image hotlinking - is this code correct? Server Config	7	690	October 8, 2014
Hotlink protection: tried three examples without success Server Config	6	1304	October 8, 2014
Prevent Hotlinking? Server Config	3	667	December 1, 2010
Rewrite rule for blocking hot-link Server Config	8	841	October 8, 2014
Htaccess, preventing hotlinking Get Started	2	657	September 30, 2011

Need help checking some hotlinking rules

Related topics