homepage Welcome to WebmasterWorld Guest from 54.204.73.126
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
help with understanding an odd htaccess file
trader

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3367136 posted 6:14 am on Jun 14, 2007 (gmt 0)

Hi, I stumbled across this odd htaccess file in my root directory (not sure how it got there) and was hoping someone could possible explain what it does? Thanks. I replaced the actual domain name (which site was not connected to me) to example.com)

RewriteEngine on
RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://(www.)?example.com.*$ [NC]
RewriteRule .(gif¦jpg)$ - [F]

 

mcavic

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3367136 posted 7:11 pm on Jun 14, 2007 (gmt 0)

It prevents other sites from linking to images on your server, to save bandwidth.

If the referrer is not blank and it's not your site (example.com), then it will deny access to the image.

aeramas

5+ Year Member



 
Msg#: 3367136 posted 12:05 am on Jun 19, 2007 (gmt 0)

if the .htaccess file prevents links to your pics, is that stictly the jpg and gif or does it include jpeg and giff and png images as well?

mcavic

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3367136 posted 12:34 am on Jun 19, 2007 (gmt 0)

It only blocks the exact extensions listed, but you can add others: (gif¦jpg¦jpeg¦png¦bmp)

jdMorgan

WebmasterWorld Senior Member jdmorgan us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3367136 posted 1:18 am on Jun 19, 2007 (gmt 0)

There are a couple of mistakes and inefficiencies in that code, so let's stop it from spreading further. Try this:

RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com [NC]
RewriteRule \.(gif¦jpe?g¦png¦bmp)$ - [F]

This is just a clean-up; Function is unchanged except for adding the jpeg, png, and bmp filetypes.

Replace the broken pipe "¦" characters above with solid pipe characters before use; Posting on this forum modifies the pipe characters.

Jim

aeramas

5+ Year Member



 
Msg#: 3367136 posted 1:43 am on Jun 19, 2007 (gmt 0)

where is a good place to learn the "syntax" of the .ht files?

eelixduppy

WebmasterWorld Senior Member eelixduppy us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 3367136 posted 3:00 am on Jun 19, 2007 (gmt 0)

>> where is a good place to learn the "syntax" of the .ht[access] files?

[httpd.apache.org...] :)

trader

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3367136 posted 1:51 pm on Jun 19, 2007 (gmt 0)

There are a couple of mistakes and inefficiencies in that code, so let's stop it from spreading further. Try this:

RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER}!^http://(www\.)?example\.com [NC]
RewriteRule \.(gif¦jpe?g¦png¦bmp)$ - [F]

This is just a clean-up; Function is unchanged except for adding the jpeg, png, and bmp filetypes.
Replace the broken pipe "¦" characters above with solid pipe characters before use; Posting on this forum modifies the pipe characters.

It turns out example.com was the 3rd party unrelated website which was heavily linking to my images. Is there a way to stop more than one site doing it? Thanks to Jim and others for the feedback.

mcavic

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3367136 posted 2:05 pm on Jun 19, 2007 (gmt 0)

Example.com should be your site, and it blocks all others.

trader

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3367136 posted 2:28 pm on Jun 19, 2007 (gmt 0)

Oh, did not know that! Is it any wonder it did not work? Surprised no one else in the thread mentioned that.

The htaccess file at issue (and example.com) was the domain of the 3rd party owned site which was doing non-authorized heavy hot linking of my images.

trader

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3367136 posted 2:20 am on Jun 21, 2007 (gmt 0)

There are a couple of mistakes and inefficiencies in that code, so let's stop it from spreading further. Try this:

RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER}!^http://(www\.)?example\.com [NC]
RewriteRule \.(gif¦jpe?g¦png¦bmp)$ - [F]

This is just a clean-up; Function is unchanged except for adding the jpeg, png, and bmp filetypes.
Replace the broken pipe "¦" characters above with solid pipe characters before use; Posting on this forum modifies the pipe characters.

Hi jdMorgan, Was wondering what the purpose of the (www\. is in this code since I 301 all my error code traffic to the non-www? Does that matter? Also, just to be certain about this code, should example.com in fact be my domain and not the domain I wish to block (as mcavic had stated)? Thanks to all.

jdMorgan

WebmasterWorld Senior Member jdmorgan us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3367136 posted 2:48 am on Jun 21, 2007 (gmt 0)

I hope you like long answers... :)

Some ISPs --like Hughes Network (satellite)-- use proxy clients between the real client and your server. These proxy clients, located at the ISPs network operations center, are intended to compensate for the long-latency satellite signal travel time (22,300 miles X 4 / 186,000 mps = ~480 millisecond signal delay).

However, these proxy clients are not real smart, and don't follow HTTP redirects as a real client would. They request a page on behalf of the real client, then request all included objects (e.g. images, css, external JS files) referenced on that page, package up the whole mess, and send it up to the satellite and back down to the client. The client-side satellite software (in the satellite modem or installed on the client machine) then decompresses and un-bundles the package into the original page and all its components. Overall, this makes the link appear run faster.

However, if the vistor typed in your domain incorrectly, or clicked on an incorrect link (with www missing or present, whichever is 'wrong') then the satellite proxy client may have made all of those object requests with the incorrect www/no-www domain. His browser will have to retry all requests that got a 403-Forbidden response, and this will slow your page apparent page load time by at least an addition one-half second (and usually by a lot more).

Long story short, according to my log files showing satellite accesses, it's best to allow the non-canonical domain to access images, CSS, JS files, etc.. :)

Jim

trader

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3367136 posted 2:49 pm on Jun 21, 2007 (gmt 0)

Thanks Jim. Just to be sure about this is the non-canonical domain the one with no www and the canonical one includes the www? I am always confused on the term canonical.

Also, example.com is my domain and not the site I wish to block, right?

vincevincevince

WebmasterWorld Senior Member vincevincevince us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3367136 posted 2:50 pm on Jun 21, 2007 (gmt 0)

trader, you are right in all apart from the word conical - the correct word is canonical. The one with www. is canonical.

jdMorgan

WebmasterWorld Senior Member jdmorgan us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3367136 posted 3:22 pm on Jun 21, 2007 (gmt 0)

In the context of this thread, "canonical domain" may mean the "www" version, but actually, it is whatever you as a Webmaster want it to be: Your canonical domain is whichever you choose for your "preferred" domain, whether it's "example.com" or "www.example.com", or "any-other-subdomain-I-like.example.com".

"Canonical [google.com]" isn't some fancy tech term. It simply means "usual, customary, standard, basic, according to the rules, generally-accepted" and it is the site owner who gets to define the canonical domain for a site -- usually by 301-redirecting all non-canonical variants to the canonical domain.

Jim

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved