homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

.htaccess help.

 9:02 am on Dec 10, 2002 (gmt 0)

I need help with this.
I want to allow everyone to dl BUT
I want to deny x sites from linking to the file because they say its thier own mirror when its not.

examples I have recieved hits to my files from

<snip> and various other sites.

It is becoming annoying.

say I want to protect X directory from X.com

what exactly would be in the htaccess file?

Kind of new at this too...

[edited by: jatar_k at 4:25 pm (utc) on Dec. 10, 2002]
[edit reason] no specifics please [/edit]



 8:10 pm on Dec 10, 2002 (gmt 0)


Take a look at the Apache documentation [httpd.apache.org], specifically mod_access [httpd.apache.org] and mod_rewrite [httpd.apache.org]. These two modules offer two different ways to restrict access to your site. mod_access is simpler, while mod_rewrite is more powerful.

Also, see the bottom of this Apache page [httpd.apache.org].

Then take a look around here on WebmasterWorld for many working examples (use the site search).



 8:18 pm on Dec 10, 2002 (gmt 0)

Do I detect a change in your answering policy, Jim?


 8:21 pm on Dec 10, 2002 (gmt 0)

I dont really understand the tutorials...

Would this be the entire .htaccess file

Order Allow,Deny
Allow from all
Deny from x.com


 8:27 pm on Dec 10, 2002 (gmt 0)

I dont really understand the tutorials

If you could be a bit more specific about the parts you do not understand Im sure somebody here could help you.



 8:29 pm on Dec 10, 2002 (gmt 0)


I need a .htaccess file to be placed in /folder1 to disallow ALL access from x.com x2.com x3.com and allow from ALL other websites :-/


 9:31 pm on Dec 10, 2002 (gmt 0)


<directory> won't work in .htaccess, but <files> will.

Also check out the SetEnvIf [httpd.apache.org] directive if you need to block by anything other than the IP address of the requester.

And remember to try a WebmasterWorld site search [searchengineworld.com], as this question has been answered at length and in detail many times.



 10:05 pm on Dec 10, 2002 (gmt 0)

I tried a few re write ones and they work BUT

for example the prevent image hot linking

it works BUT only if the user clicks on a link on my site

if they press F5 it shows no images hmm

Im a total n00b at .htaccess :-(

Trying to learn BUT

What would the entire htaccess file look like? lol Im trying tuts and all that :-/


I tried the site search
Get tons of pages some I really do not understand
When I try to reply or aska question the topic is too old
Then sometimes the site times out and have to REsearch


 10:21 pm on Dec 10, 2002 (gmt 0)

Welcome to WebmasterWorld Acecool!

This thread [webmasterworld.com] discusses blocking hotlinks and should get you started.

.htaccess is a simple text file with one directive per line. These directives can control many aspects of your site. An .htaccess in the root of your site defines behaviors for the entire site, an .htaccess file can be used in subdirectories on your site to manage the behaviors of that specific subdirectory too.

Sounds like you have a good deal to learn. We'll try to help!

[edited by: DaveAtIFG at 10:23 pm (utc) on Dec. 10, 2002]


 10:21 pm on Dec 10, 2002 (gmt 0)


Can you describe the problem more specifically? For example, is the problem limited to images, or is it images and html pages, too?

I assume that you want to block accesses referred by other sites, but if they are linking to your html pages, then you can't really do that unless you want to lose that traffic. If you block an image, then the image can't be included on another site's page, unless you allow it specifically. If you block link referrals, then visitors cannot get from that site to your site, i.e. using clicking on the link on the other site will result in a 403-Forbidden message for the visitor.

Fixing the problem may be easy, but defining the problem is hard; Reading the other posts may lead you to recognize one that discusses your problem. If not, you will at least pick up some of the ".htaccess vocabulary" needed to frame your question specifically.



 10:51 pm on Dec 10, 2002 (gmt 0)

I want to allow all referers EXCEPT for the people who are linking to Xfile.exe xfile.zip whatever
without giving me correct credit for hosting that file lots of sites are saying THEY are hosting, some are even charging for membership and not giving correct credit.

I just need something to allow me to choose what sites can link to my site/files and which ones get say an error, or get redirected to site_leecher.php or something


 11:04 pm on Dec 10, 2002 (gmt 0)


I got it

Thank you so much for your help :-)


 11:08 pm on Dec 30, 2002 (gmt 0)

Hi Acehole,

I am also fairly new to this, but have the exact opposite problem. I don't want any body to have access to specific directories other than from people linking from a specific site.

The reason is I have a partnership where I share content with another member site, but I host the content. So, I only want users that come from my partner's site to be able to access my members area and of course my members should have access.

How do I do this? Do I use .htaccess? Is this the same issue but in reverse? What was your solution?

Thanks for all of the help.

-- I'm a Windows Programmer trying to convert to Unix/Linux :)


 11:44 pm on Dec 30, 2002 (gmt 0)


As hinted at in a previous post in this thread, we try to steer people in the right direction, but generally try to avoid re-writing the same tutorials and "help-fix-my-site" posts repeatedly. Please see the links in message number 2 above (in this thread), and this Introduction to mod_rewrite [webmasterworld.com] for some very useful information.

To answer your specific question, yes, you can use .htaccess to "sort of" fix your problem. The reason I say "sort of" is that using HTTP_REFERER is not a totally reliable method for controlling access; Many browsers, proxy servers, and packages like Norton Internet Security will block referrer information. So, the best you can do is to allow access for your members, visitors from the other site you mention, and visitors whose browsers provide no referrer information.

If you block referrer-less accesses, you will have a lot of problems with blocking legitimate users, and you'll spend a lot of time playing "help desk." I would suggest allowing referrer-less access, and handling problems with unwanted visitors in another way, such as by blocking their IP addresses.

Hope this helps,


 12:21 am on Dec 31, 2002 (gmt 0)

This did help a lot. You sent me in the right direction, which helped me to understand how to go about this.



 5:27 am on Dec 31, 2002 (gmt 0)

RE: Hi Acehole,

Its Acecool

I have this in my htaccess file and only this, just save as .htaccess and put in the dir BUT you must put your domain in, and ip (open cmd prompt or msprompt whatever and type ping xxx.com org whatever)

RewriteEngine On
RewriteCond %{HTTP_REFERER}!^http://([a-z0-9-]+\.)*XXXXXXXXXXXXXXXXXXX.com/ [NC]
RewriteCond %{HTTP_REFERER}!^http://([a-z0-9-]+\.)*PPP.PPP.PPP.PPP/ [NC]
RewriteCond %{HTTP_REFERER}!^http://([a-z0-9-]+\.)*XXXXXXXXXXXXXXXXXXX.net/ [NC]

RewriteRule ^.*$ http://www.XXXXXXXXXXXXXXXXXXX.com/site_leecher.php [L,R]


and replace the
with your sites ip address

Hope this helps


 7:31 am on Dec 31, 2002 (gmt 0)

... and to avoid problems with referrer-less visitors, add another condition:

RewriteCond %{HTTP_REFERER} !^$

to the conditions above (order doesn't matter).

Note that a space is required between "REFERER}" and "!" in all RewriteConds! (The WebmasterWorld software eats the space when making a post, unless you use two.)

(We'll just hope venture was thinking "ace-in-the-hole") :)



 7:48 am on Dec 31, 2002 (gmt 0)

Thanks JD :-)

Now I can protect my images :-))))


 7:53 am on Dec 31, 2002 (gmt 0)


Sure, and make sure you check out this recent post [webmasterworld.com] - it comes in right handy as a second line of defense.



 12:36 pm on Dec 31, 2002 (gmt 0)

I actualy tried that, and tried dling my site with blackwidow

didnt do anything :-/

If I tried going trap.cgi it gave me a 500 error

I tried dif chmod settings but didnt work :-/


 4:39 pm on Dec 31, 2002 (gmt 0)


Make sure you edit the script and change all broken vertical pipe "" characters to solid vertical pipe characters (the one on your keyboard). The WebmasterWorld posting software seems to modify them, and this is a common cause of 500 errors in scripts and .htaccess stuff copied from this board. If this is not the problem, what did your error log say?


[edited by: jdMorgan at 6:46 pm (utc) on Dec. 31, 2002]


 5:03 pm on Dec 31, 2002 (gmt 0)


This is great :-)

I changed those and chmodded it dif. and now it works 100%

hehehehehehe :-))))))))) A new TOY wooohoooo

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved