Ravens PHP Scripts: Forums
 

 

spasticdonkey
RavenNuke(tm) Development Team



Posted: Mon May 07, 2007 6:24 pm

Well I have set up hotlink protection in .htaccess and it works, but there was one feature I couldn't quite get working. I am trying to substitute an image of my choosing when someone hotlinks to one of mine.

Code:
RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://mysite.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://mysite.com$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.mysite.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.mysite.com$      [NC]
RewriteRule .*\.(gif|jpg|mp3|css|js)$ http://www.mysite.com/angryman.gif [R,NC]


Is hotlink protection itself blocking the display of the image? Or have I made a mistake in there somewhere?

Just to warn others, one mistake I made at first was not including the address without the www too. Since my site works either way, I was blocking images from my own site :(
 
hitwalker
Sells PC To Pay For Divorce



Posted: Mon May 07, 2007 7:31 pm

this should be enough i think..

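# Skip requests whose Referer is this site (with or without www)
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yoursite\.com(/)?.*$ [NC]
# Skip requests that send no Referer at all
RewriteCond %{HTTP_REFERER} !^$
# Skip the folder holding the replacement image, so the redirect does not match itself
RewriteCond %{REQUEST_URI} !/info/ [NC]
RewriteRule \.(png|gif|jpe?g)$ http://www.yoursite.com/info/abuse.png [NC,R,L]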

the folder info is where to put the abuse image...
keep any used image small, preferably a few hundred bytes.
 
spasticdonkey







Posted: Thu May 10, 2007 1:57 pm

thanks I'll give it a try. Still recovering from a total pc meltdown so might be a bit. I also wanted to block js flv css wmv mp3 files but assume I would do so on another line, like so?
Code:


RewriteCond %{HTTP_REFERER} !^http://(www\.)?yoursite.com(/)?.*$ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{REQUEST_URI} !/info/ [NC]
RewriteRule \.(png|gif|jpe?g)$ http://www.yoursite\.com/info/abuse.png [NC,R,L]
RewriteRule \.(js|css|flv|wmv|mp3)$ [NC,R,L]


i assume you were breaking the code with the "?" (jpe?g) any other breaks? Also does doing it this way remove the need to list the allowed domains by both www.yoursite.com and yoursite.com ?

also, does this work if you draw the replacement image from another server/domain?

thanks :)


hitwalker







Posted: Thu May 10, 2007 2:00 pm

no...the code is like you see it...
long time ago i had to experiment a bit to really get it working like i wanted..
but you expand it as you like..
 
montego
Site Admin



Posted: Fri May 11, 2007 6:40 am

Quote:

i assume you were breaking the code with the "?" (jpe?g) any other breaks


I am not taking over the thread... ;) I just want to explain the above a bit (you cannot take the teacher out of me...):

The "e?", actually, is basically allowing this to match on both "jpg", without the "e" notice, and also "jpeg". That's all.

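An added example, not part of any post in this thread: a simplified Python model of the two rule sets above, showing why the first one redirects the replacement image to itself while the /info/ exemption lets it be served. The function names, the same-host path targets and the sample referrer are assumptions made for the illustration.

```python
import re

# Simplified model of the rule sets in this thread: every RewriteCond must
# hold (they are ANDed) before the RewriteRule pattern is tried.
# Each condition is (variable, regex, negated); NC becomes re.IGNORECASE.
# Redirect targets are shortened to their path on the same host (assumption).
ORIGINAL = {  # first post: nothing exempts the replacement image
    "conds": [("referer", r"^$", True),
              ("referer", r"^http://mysite.com/.*$", True),
              ("referer", r"^http://mysite.com$", True),
              ("referer", r"^http://www.mysite.com/.*$", True),
              ("referer", r"^http://www.mysite.com$", True)],
    "pattern": r".*\.(gif|jpg|mp3|css|js)$",
    "target": "/angryman.gif",
}
WITH_EXEMPTION = {  # reply: requests under /info/ are excluded from the rule
    "conds": [("referer", r"^http://(www\.)?yoursite\.com(/)?.*$", True),
              ("referer", r"^$", True),
              ("uri", r"/info/", True)],
    "pattern": r"\.(png|gif|jpe?g)$",
    "target": "/info/abuse.png",
}

def rewrite(rules, uri, referer):
    """Return the redirect path, or None when the file is served as-is."""
    request = {"uri": uri, "referer": referer}
    for var, regex, negated in rules["conds"]:
        hit = re.search(regex, request[var], re.IGNORECASE) is not None
        if hit == negated:      # a negated condition fails when it matches
            return None
    if re.search(rules["pattern"], uri, re.IGNORECASE):
        return rules["target"]
    return None

def fetch(rules, uri, referer, max_hops=5):
    """Follow redirects as a browser would, keeping the same Referer."""
    hops = [uri]
    while len(hops) <= max_hops:
        nxt = rewrite(rules, hops[-1], referer)
        if nxt is None:
            return hops, "served"
        hops.append(nxt)
    return hops, "redirect loop"

if __name__ == "__main__":
    foreign = "http://other.example/page.html"   # constructed sample referrer
    print(fetch(ORIGINAL, "/photo.gif", foreign))
    print(fetch(WITH_EXEMPTION, "/photo.gif", foreign))
```

The Referer header is supplied by the client and may be absent, so rules like these reduce casual hotlinking and bandwidth use rather than control access to the files.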