homepage Welcome to WebmasterWorld Guest from 184.73.104.82
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
hotlinking and htaccess subdomain wildcard ?
rashe18

5+ Year Member



 
Msg#: 3840803 posted 1:44 am on Feb 3, 2009 (gmt 0)

Hello,

I prevent hotlinking using htaccess file:


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?allowedsite1.com(/)?.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?allowedsite2.com(/)?.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?allowedsite3.com(/)?.*$ [NC]
RewriteRule \.(gif¦GIF¦jpg¦JPG¦bmp¦BMP¦swf)$ /hotlinking/banned.gif [L,NC]

I want to add mail.live.com to the allowed sites but there are many subdomains such as:

sn105w.snt105.mail.live.com
bl105w.blu105.mail.live.com
bl106w.blu106.mail.live.com
bl108w.blu108.mail.live.com
bl117w.blu117.mail.live.com
bl118w.blu118.mail.live.com
bl122w.blu122.mail.live.com
bl130w.blu130.mail.live.com
bl133w.blu133.mail.live.com
bl144w.blu144.mail.live.com
by113w.bay113.mail.live.com
by118w.bay118.mail.live.com
by119w.bay119.mail.live.com
by129w.bay129.mail.live.com
by130w.bay130.mail.live.com
by135w.bay135.mail.live.com
by139w.bay139.mail.live.com
by141w.bay141.mail.live.com
by143w.bay143.mail.live.com
co103w.col103.mail.live.com
co118w.col118.mail.live.com

Is is it possible to add a wildcard which contains all mail.live.com urls ?

Thanks

 

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 3840803 posted 2:01 am on Feb 3, 2009 (gmt 0)

Jim or another will need to clean this up (definitely not my forte)

[a-z]{2}+[0-9]{3}+w\.[a-z]{3}+[0-9]{3}+\.mail\.live.com

See forum charter and "Regular Expressions Tutorial" near page top.
There are many examples of these wildcards in numerous threads.

jdMorgan

WebmasterWorld Senior Member jdmorgan us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3840803 posted 3:06 am on Feb 3, 2009 (gmt 0)


RewriteEngine on
#
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^http://(www\.)?allowedsite1\.com [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?allowedsite2\.com [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?allowedsite3\.com [NC]
RewriteCond %{HTTP_REFERER} !^http://([^.]+\.)+mail\.live\.com [NC]
RewriteCond %{REQUEST_URI} !^/hotlinking/banned\.gif$
RewriteRule \.(gif¦jpg¦bmp¦swf)$ /hotlinking/banned.gif [[b]NC[/b],L]

That new rewriteCond should do it. I also cleaned up several inefficiencies in other parts of the code. These clean-ups will not change the way the code works at all, except that it will run faster. For example, there was no need to include case-variations in the image-filetype pattern, because you already had the [NC] flag on the RewriteRule, making the pattern-match case-insensitive. Also ".*$" is a waste of time; Nothing changes at all if you just leave it off. All literal periods in regex patterns should be escaped as shown, unless they are part of an alternate [group] (as also shown).

Important: Replace the broken pipe "¦" characters above with solid pipe characters before use; Posting on this forum modifies the pipe characters.

Jim

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 3840803 posted 3:26 am on Feb 3, 2009 (gmt 0)

RewriteCond %{HTTP_REFERER} !^http://([^.]+\.)+mail\.live\.com [NC]

Jim,
Could you possibly translate this for a dunce?

Many thanks.

Don

edited by wilderness

([^.]+\.)+mail

Begins with AND Matches any one character
Matches the preceding element one or more times
escape DOT prior to bay

This closing confuses me?
Matches the entire previously closed statement one or more times?

I was following my first three explanations and somehow became lost in the "squall" ;)

[edited by: wilderness at 3:35 am (utc) on Feb. 3, 2009]

jdMorgan

WebmasterWorld Senior Member jdmorgan us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3840803 posted 3:35 am on Feb 3, 2009 (gmt 0)

"([^.]+\.)+" means "One or more instances of (one or more characters not a period, followed by a period)."

In other words "one or more subdomains".

Jim

[edit] Within an alternate character [group], the escaping rules change and "^" means NOT if it is the first character in the [group]. [/edit]

[edited by: jdMorgan at 3:37 am (utc) on Feb. 3, 2009]

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 3840803 posted 3:49 am on Feb 3, 2009 (gmt 0)

"^" means NOT if it is the first character

Jim,
My apologies.

Is this applied (in this instance) to differentiate between the 2nd or 3rd repeated instances of the different character sets?

jdMorgan

WebmasterWorld Senior Member jdmorgan us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3840803 posted 4:24 am on Feb 3, 2009 (gmt 0)

No, "([^.]+\.)+" just means "Match characters as long as they are NOT a period. Then require a period. Do the preceding one or more times."

I am very fond of negative-match patterns, because they are often the most efficient way to parse out a string. For example, in a URL-path, slashes are used to separate the "directory levels". So as in the example here, where periods are used to separate subdomain (and sub-sub-domain) levels, you can use "([^/]+/)+" to say, "match one or more directory levels."

Jim

Jim

g1smd

WebmasterWorld Senior Member g1smd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3840803 posted 9:49 am on Feb 3, 2009 (gmt 0)

It took me a while to understand the logic in that pattern, but I now find myself using it all the time.

rashe18

5+ Year Member



 
Msg#: 3840803 posted 4:31 pm on Feb 3, 2009 (gmt 0)

Thanks all.
Thanks jdMorgan.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved