Forum Moderators: phranque
RewriteEngine On
RewriteCond %{HTTP_REFERER}!^$ [OR]
RewriteCond %{HTTP_REFERER}!domain\.com [NC]
RewriteRule (^blog/images/.*\.jpg$) /leech.php?src=$1 [L]
I tried and tested all the possible condition patterns but it's not allowing blank referrer to bypass the first rule. The second rule is working perfectly fine.
Examples:
RewriteCond %{HTTP_REFERER} !="" [OR]
RewriteCond %{HTTP_REFERER} !. [OR]
RewriteCond %{HTTP_REFERER} !"" [OR]
Any suggestions?
Milan
You can express blank with any of:
^$
!.
""
Having finished with that, I must warn you that blocking blank referrers will result in all visitors to your site from ISPs such as AOL, Earthlink, and others seeing your site as badly-broken. They, like many corporate users, sit behind caching proxies at the borders of their networks. The effect of these caching proxies --in addition to saving you bandwidth-- is to suppress the HTTP referer. Therefore, if you block access by their caching proxies with blank referrer headers, they will all think your site is broken. Be prepared to lose their business and/or to handle their technical support requests.
Bottom line: It is not a good idea to block blank referrers, since it is not reliable as any kind of indicator of malicious intent. That is why most of the code you will see posted here Allows blank referers. Despite that, it works well enough to stop most casual hotlinking.
Jim
I am aware that blocking blank referrers is not a good idea and that is why my PHP hot linking script does not block the image request but creates watermark image on the fly mentioning my site address.
Milan
