It is likely that your code is putting the server into a loop, because the new URI matches the pattern in your RewriteRule. So, stolen5.gif is rewritten to stolen5.gif is rewritten to stolen5.gif... until the server gives up. You should see this looping and timeout in your server error log.

In order to prevent this, add a RewriteCond:

#prevents hotlinking and returns stolen2.gif
RewriteCond %{HTTP_REFERER} [b].[/b]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain\.co[b]m[/b] [NC]
RewriteCond %{REQUEST_URI} !^/images/stolen5\.gif
RewriteRule \.(jpe?g¦gif¦bmp¦png)$ /images/stolen5.gif [L]

Note the other two "tweaks" I made, one in each RewriteCond. The first, changing "!^$" to "." is just a shorter way of saying the exact same thing, but avoids the annoying space deletion when posted here.

The second, removing the trailing slash from your domain, will prevent a problem when there is a port number appended to your domain, something which can be done by caching proxies without the visitor being aware of it. Example: www.mydomain.com:80/image.gif is perfectly valid, but would cause your original RewriteCond to fail.

If you are a stickler for precision, the following Cond would specifically handle both cases, while insisting that the tld be exactly ".com" and that the trailing slash be present:

RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain\.com(:[0-9]{1,5})?/ [NC]

(But I like the short version above better) :)

Jim

wits end ... frazzeled! ... almost bald

Thanks Jim, I tried both, but neither worked.

cleared cache in three browsers, closed 'em and tried again.

In fact, I've tried all of five below (chronolgically) making sure all broken pipes fixed and all spaces added :(

#prevents hotlinking and returns stolen5.gif
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER}!^http://(www\.)?mydomain\.com(:[0-9]{1,5})?/ [NC]
RewriteCond %{REQUEST_URI}!^/images/stolen5\.gif
RewriteRule \.(jpe?g¦gif¦bmp¦png)$ /images/stolen5.gif [L]

RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER}!^http://(www\.)?mydomain\.com [NC]
RewriteCond %{REQUEST_URI}!^/images/stolen5\.gif
RewriteRule \.(jpe?g¦gif¦bmp¦png)$ /images/stolen5.gif [L]

RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://(www\.)?mydomain\.com/ [NC]
RewriteRule \.(gif¦jpg)$ /stolen5.gif [R,NC]

RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://mydomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER}!^http://www.mydomain.com/.*$ [NC]
RewriteRule \.(gif¦jpg)$ /stolen5.gif [R,NC]

RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER}!^http://(www\.)?mydomain\.com/ [NC]
RewriteRule \.(jpe?g¦gif¦bmp¦png)$ /images/nohotlink.jpg [L]

I have some other errors in the error log, but if I use a 301 to redirect a hotlinked image (lower down ion htaccess than the code below) it works.

these are two of the other errors both the same IP:
.htaccess: RewriteCond: cannot compile regular expression '^65\.x x x\.41\.(19[2-9]¦2[01][0-9]¦22[0-3]'
.htaccess: Invalid command 'R', perhaps mis-spelled or defined by a module not included in the server configuration

P.S. thanks for reminding me of wannabrowser the other day. It helped better than using firefox's UA agent - sent a nice contribution, too!

I don't see any problems with the anti-hotlink code, but you *will* have to fix the other errors before you can actually decide it doesn't work.

The first error in your log file is because of a missing closing parenthese on the IP address alternatives.
The second one looks like you must have a typo, with one line in your file starting with "R".

If the code I posted above doesn't work, it is not because of an error in that code. (Sorry to sound like I have a fat head, but the code is correct as posted.)

Jim

certainly you are not a fathead! Since you gave me the code, I know it is correct, just trying to figure out why it isn't working and thought if I posted more info it might be helpful.

I cecked and I had the closing paren on the IP line in my htaccess, I just copied what showed in the error log and it ended as shown without the last bit and the paren -and- there is no line starting with just an R and no misspelling of any word beginning with an R (did a mass replace of each 'R' word, one letter at a time to be sure I didn't miss a misspelled word). Have NoteTab ramped up to font size 16 (per one of jdmorgan's previous suggestions). After hours of looking I can't find a single error in spelling, closing quotes, brackets, spaces, etc.

One other "anomaly". I 301'd to stolen5.gif about 30 images that are hotlinked in a kiddie forum. Then, so I could check to see if the code was working, I un-301'd one of them and after 8 hours, cache clearing and even rebooting, it is still showing the stolen5.gif where it should now show the actual image.

Ah, well I'll keep looking. Thanks for all your help Jim!