homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

Detect blank referrer in RewriteCond
For image hot linking

5+ Year Member

Msg#: 3391260 posted 6:07 am on Jul 11, 2007 (gmt 0)

I have the following rule to redirect all the images to a PHP script if the referrer is blank (not set?) or its not coming from my domain.

RewriteEngine On
RewriteCond %{HTTP_REFERER}!^$ [OR]
RewriteCond %{HTTP_REFERER}!domain\.com [NC]
RewriteRule (^blog/images/.*\.jpg$) /leech.php?src=$1 [L]

I tried and tested all the possible condition patterns but it's not allowing blank referrer to bypass the first rule. The second rule is working perfectly fine.


RewriteCond %{HTTP_REFERER} !="" [OR]
RewriteCond %{HTTP_REFERER} !. [OR]
RewriteCond %{HTTP_REFERER} !"" [OR]

Any suggestions?




WebmasterWorld Senior Member jdmorgan us a WebmasterWorld Top Contributor of All Time 10+ Year Member

Msg#: 3391260 posted 2:06 pm on Jul 11, 2007 (gmt 0)

"!" means NOT, that is, "!^$" means "NOT blank"

You can express blank with any of:

Having finished with that, I must warn you that blocking blank referrers will result in all visitors to your site from ISPs such as AOL, Earthlink, and others seeing your site as badly-broken. They, like many corporate users, sit behind caching proxies at the borders of their networks. The effect of these caching proxies --in addition to saving you bandwidth-- is to suppress the HTTP referer. Therefore, if you block access by their caching proxies with blank referrer headers, they will all think your site is broken. Be prepared to lose their business and/or to handle their technical support requests.

Bottom line: It is not a good idea to block blank referrers, since it is not reliable as any kind of indicator of malicious intent. That is why most of the code you will see posted here Allows blank referers. Despite that, it works well enough to stop most casual hotlinking.



WebmasterWorld Senior Member 10+ Year Member

Msg#: 3391260 posted 2:26 pm on Jul 11, 2007 (gmt 0)

Also many standard firewalls block referers by default. I think Norton and MacAfee both block by default.


5+ Year Member

Msg#: 3391260 posted 5:25 am on Jul 12, 2007 (gmt 0)

Thanks Jim.

I am aware that blocking blank referrers is not a good idea and that is why my PHP hot linking script does not block the image request but creates watermark image on the fly mentioning my site address.


Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved