Need help checking some hotlinking rules

I’m having some issues with rewrites for blocking hotlinking of images under certain conditions and I was wondering if anyone could take a look at what I’ve got so far and whether that’s the best approach:



RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\\.)?mysite1.com/.*$		[NC]
RewriteCond %{HTTP_REFERER} !^http://(www\\.)?mysite2.org/.*$			[NC]	
RewriteCond %{REQUEST_URI}  !^/?Special/Directory/				[NC]		
RewriteRule \\.(gif|jpg|png|mp3)$    -						[F,NC,L]

RewriteCond %{HTTP_REFERER} ^http://(.+\\.)?bannedsite1\\.com/			[NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\\.)?bannedsite2\\.com/				[NC]
RewriteRule \\.(gif|jpg|png|mp3)$    -						[F,NC,L]

Alright, this is what I am trying to do:

  1. First, allowing direct access.
  2. Allowing linking from mysite 1 & 2.
  3. Allowing all images in Special/Directory to show up anywhere since they are included on various aggregated feeds.
  4. Blocking bannedsite 1 & 2 even from Special/Directory

Yes that looks fine to me. The only thing I would change (and I’m nitpicking here) is to replace /.*$ at the end of the RewriteConds in the first block by just /. Since you don’t care what’s there, there’s no need to match it. Oh, and you forgot to escape the dot in .com and .org in those RewriteConds :slight_smile:
I believe that technically you don’t need to put [L] on those rules since [L] is implied by [F], but it doesn’t hurt either so I’d just leave them.

HTH :slight_smile: