Forum Moderators: phranque
So I am using the following code in the htaccess file..
RewriteEngine on
RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://(www\.)?domain1.com(/)?.*$ [NC]
RewriteCond %{HTTP_REFERER}!^http://(www\.)?forum.domain.com(/)?.*$ [NC]
RewriteCond %{HTTP_REFERER}!^http://(www\.)?domain2.com(/)?.*$ [NC]
RewriteRule .*\.(zip¦ZIP¦dll¦DLL¦ocx¦OCX)$ [domain.com...] [R,NC]
Now I tested this and it works fine in IE based browsers. If you have a link directly to a file from an outside site it takes you to the specified domain instead. However it wont work in Mozilla Firefox, it still lets you download the file. Why? How can I fix it?
Thanks
The obvious answer is that you are not sending referer headers with F-fox. The fix is a little harder, because if you deny all who do not send referers, you could be blocking actual viewers from your site.
There are a couple of things you might want to think about.
1. If you decide you would like to block anyone not sending referer headers, you can remove your first line of code. (Please, note this will block anyone not sending referer headers, including search engines... if that is important.)
2. You might *try* adding a %{HTTP_HOST} condition to block any framing.
RewriteCond %{HTTP_HOST} !^http://(www\.)?domain2.com [NC]
Maybe someone else has a better idea for your original question.
Adjustments you might consider to making to your original code, for efficiency and flexibility:
RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain1.com [NC,OR]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?forum.domain.com [NC,OR]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain2.com [NC,OR]
RewriteRule .+\.(zip¦ZIP¦dll¦DLL¦ocx¦OCX)$ [domain.com...] [R=301,NC]
1. By switching to . the check is simply for any single character (saves a couple of characters, slightly increases efficiency, and has the same effect.)
2. By removing this (/)?.* portion of your code along with the line ending $, 'and anything else' is implied, so rather than actually continuing to match a pattern it is simply accepted as true when the first portion is matched.
3. By adding OR to your 'directives' or 'flags' the implicit AND of the original rule is removed, so your code should be more solid and perform closer to what you are actually wanting.
4. By changing to .+ from .* the pattern checking is *much* more efficient. (don't ask just know it is), and + checks for '1 or more of the previous characters', so unless you have a file called '.zip' there should be no effect in the matching of the rule.
Hope this helps, sorry I don't have a better answer for your original question.
Justin
I misread your initial post...
Please, remove the [OR] I told you to include... because of the use of!(not) it is correct the way you had it before.
And the .+ should be [^.]+ to gain effieciency, which will catch 'anything not a dot' then the catch-all pattern matching will be broken at the .(dot) and exact pattern matching will begin after the .(dot) in your rule.
Very sorry, appearantly I absolutely missed this one.
Justin
