help with blocking hotlinking of images via htaccess - Apache Web Server forum at WebmasterWorld - WebmasterWorld

Forum Moderators: phranque

Message Too Old, No Replies

help with blocking hotlinking of images via htaccess

Munki

10:33 am on Apr 30, 2009 (gmt 0)

10+ Year Member

I've read many tutorials on blocking hotlinking of images and trying to get it to work on my site. This is my htaccess file in the root directory:

RewriteEngine on
RewriteRule ^[^:]*\.(php¦src¦jpg¦jpeg¦png¦gif¦bmp¦css¦js¦inc¦phtml¦pl¦ico¦html¦shtml)$ - [L,NC]
RewriteRule ^index.php?title - [L]
RewriteRule ^(.*)\&(.*)$ $1\%26$2
RewriteRule ^(.+)$ /index.php?title=$1 [L,QSA]RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?mywebsite\.com($¦/) [NC]
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?myotherwebsite\.com($¦/) [NC]
RewriteRule \.(gif¦jpg¦jpeg¦png¦mp3¦mpg¦avi¦mov)$ - [F,NC]

I also have placed this in my images folder:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?mywebsite\.com($¦/) [NC]
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?myotherwebsite\.com($¦/) [NC]
RewriteRule \.(gif¦jpg¦jpeg¦png¦mp3¦mpg¦avi¦mov)$ - [F,NC]

Whether I use the httaccess file in my image directory or use them in my root directory and image directory my site still allows hotlinking. I think rewrite rule for jpg's may have something to do with this. I can't disable the rewrites for jpgs because it would mess up image links on my site.

Any help on getting this to work?

jdMorgan

1:56 pm on Apr 30, 2009 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Before assuming the code doesn't work, be aware that when testing code like this, you must completely flush your browser cache *between every test*. Otherwise, your browser will display previously-cached images and error responses instead of actually trying to fetch the image from your server, and your test results will be confusing and wrong.

Also be aware that you must change all broken pipe "¦" characters in code copied from WebmasterWorld to solid pipe characters before use; Posting on this forum modifies the pipe characters.

It is likely that "[^:]*" in your first rule should be "[^.]+" instead. Or you could omit the entire "^[^:]*" part entirely without changing the result.

Jim

jdMorgan

2:04 pm on Apr 30, 2009 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Also, be aware that blank referrers must be allowed (as they are by your code) in order to support users whose ISPs use caching proxies, like AOL and EarthLink and many others. As a result, image URL requests that are typed-in to the browser or referenced by bookmarks will not be blocked.

Jim

Rufal

11:01 pm on Apr 30, 2009 (gmt 0)

10+ Year Member

Also I read somewhere that google has started to use image linking in the same manner as link building, so the more poeple that link your image the better you rank.

Haven't seen it proven but a good info to have when deciding whether to stop hotlinking or not.

Munki

11:22 pm on Apr 30, 2009 (gmt 0)

10+ Year Member

jdMorgan thank you very much! It was indeed my cache allowing the images to show again when I used a hotlink checker website. Once I cleared the cache the current setup indeed stops hotlinks. Sheesh I wracked my brains last night for more than 3 hours trying to fix this and it was working in the first place. Duh ... thanks again.

Rufal - that may or may not be true (I'm thinking from my results it isn't), but on the other hand I am using VPS system with metered memory usage. When hotlinking is allowed my memory usage doubles and I have to pay double the price. So that in itself is a good enough reason for me to stop it. Cheers..