1) Flush your browser cache before testing *any* change to access-control mechanisms.
2) Be aware that direct typed-in URLs, JavaScript links, and media player requests will have no referer, and will be allowed access by the second code snippet. This is the price we pay to avoid excluding AOL users and all users behind corporate and ISP caching proxies.

Referer-based access control is a simple, easy, partial solution. It's only good for stopping casual hotlinking in typical cases, and is not a bullet-proof solution. Comprehensive access control must rely on more sophisticated methods, such as cookie-based access-control scripts.

Jim

Hi Jim,
I have a "hot-link" test image on another .com serviced by a different hosting company on another server accrss the country. The way I do my testing is to Always clear browser cache before eack entry into the site.
First I test with htaccess not containing the "RewriteCond %{HTTP_REFERER}!^$ " term. With Foxfire browser and "disable referer logging" an entry into either the image origin site or the "hot-link test image should produce the error image and they do; no real images are shown by either, only error image is shown. With Foxfire referer logging enabled, the origin site should produce the real images and does, and the "hot-link" test should produce the error image and that is what it does. So everythings fine there.
Secondly I test with htaccess containing the term "RewriteCond %{HTTP_REFERER}!^$ " in the location shown in my opening post. All the ¦ are corrected. I test with "disable referer logging" and both sites produce real images so hot-linking is not in effect, and that is in working order. But then I "enable referer logging" and the "hot-link" test site shows the real image instead of the error image. That is wrong.
I can't for hell-or-high-water figure out what the cause is , because everything was working before the site's server "containg the real-images and htaccess file" was updated to Apache server 2.0 wtih Ensim and fedora. I'm stumped

Yes, that's pretty strange...

All I can think of right now is to try:

RewriteCond %{HTTP_REFERER} .

as the first line, using "." instead of "!^$".

It should not make any difference, though.

I'm assuming you've got the required spaces between "}" and "!" and that posting in the forum is removing them.

Jim

Thanks a million, Jim. I will look onto every aspect of these three seggestions. I fear the server compilation of it is a fault and to move it would be an incredible bear, what with the MYSQL, Perl-search and cgi all embedded serverside. Not to mentin the php stuff that I needed the MYSQL for. I really want to make this work again.
Thanks again, Rex

Oh no! It's got to be the server. Worst outcome. I tried the "." instead of "!^$", and my spaces were correct after the "}" for all line entries. No workum corectus.
I have rewrite conditions based on or a combination of the following:
REFERER
REQUEST_URI
USER_AGENT
REMOTE_ADDR
and only the REFERER has a malfunction. I can't even get a rewite based on it refered from an incoming gossip web-group where I used to. All the other conditions give effective rule implementations. I believe there were some glitches getting Ensim to be compatible with Apache 2.0 upgrade and Fedora, and mod-Rewrite was the casualty. There were other sites that suffered htaccess issues immediately after the upgrade.
Everything was working before Ensim did the upgrade. some other things are different now too. I had a tidy bandwidth-frugal 401 page for when a banned IP came in, but now they get this image-graphic-laden "Fedora Test Core page" including lengthly text, and I can't get the 401 to override it. I'd say everything wrong is on my end. Thanks for all your time and help. I need a to get on a linux-Apache server in a bad way now.