1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 10:50 pm May 1, 2026

Forum Moderators: phranque

Message Too Old, No Replies

.htaccess problem, hotlinking image is not working

         

Retro_Alfa

11:58 am on Jul 13, 2011 (gmt 0)

10+ Year Member



Hi, I have sercehed the web and many other forums with no luck, apparently no one knows what is the problem with my configuration.

this is my .htaccess file and I have a error in hotlinking image code in my file. Can someone help me to identify the problem and help me solve my error. 

##
# @version $Id: htaccess.txt 14401 2010-01-26 14:10:00Z louis $
# @package Joomla
# @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##


#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
# mod_rewrite in use

RewriteEngine On

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
## Deny access to extension xml files (uncomment out to activate)
#<Files ~ "\.xml$">
#Order allow,deny
#Deny from all
#Satisfy all
#</Files>
## End of deny access to extension xml files
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)

# RewriteBase /


########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section

<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from 95.156.161.236
deny from 95.156.152.29
deny from 81.93.86.4


# Expirery headers
<FilesMatch "\.(ico|flv|jpe?g|png|gif|js|css|swf)$">
 ExpiresActive On
 ExpiresDefault "access plus 1 days"
</FilesMatch>

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} .(gif|jpg|jpeg|png)$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+.)?mysite.info/ [NC]
RewriteRule .(gif|jpg|jpeg|png)$ http://lulzimg.com/i23/myimage.jpg [NC,R,L]

wilderness

1:22 pm on Jul 13, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



hotlinking+Joomla [google.com]

esprcially this thread [webmasterworld.com]

g1smd

10:26 pm on Jul 13, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



The biggest problem is that it is far too late to block the request AFTER the code above it has rewritten the request to the PHP script and the hard drive is already serving up the content. The code is in the wrong place. It also contains a number of syntax errors.

Your exisiting .htaccess file is also very very old. Get a new copy (as "htaccess.txt") from either the Joomla 1.5.23 or later, or from the Joomla 1.6.2 or later, distribution. The new file has many changes, and is compatible with all earlier versions of Joomla.

It also contains a hint as to exactly where in that file any redirects should be placed in order to work correctly. 

RewriteEngine on
should appear only ONCE.

Escape ALL literal periods in patterns.

The "-f" test should be LAST so it only runs if all of the other conditions are true. 

jpg|jpeg
simplifies to 
jpe?g


Your code generates a 302 redirect to a different URL. You should use an internal rewrite instead.

Escape ALL literal periods in patterns.

Retro_Alfa

7:01 am on Jul 14, 2011 (gmt 0)

10+ Year Member



thank you very much g1smd, this is what I needed.

But I have one question what do you meen by: "Your code generates a 302 redirect to a different URL. You should use an internal rewrite instead."

lucy24

7:25 am on Jul 14, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



You don't want and don't need your hotlinkers to know that you are sending them to a different place than the one they asked for. You only need to change the physical image you're serving up. For that, a rewrite without redirect will do.

Or (if this is the part you didn't understand), remove the "R" from your RewriteRule. It only needs to say:

RewriteRule \.(gif|jpe?g|png)$ http://example.com/i23/myimage.jpg [NC,L]

Now, going beyond what you originally asked: This way of dealing with hotlinks can be lots of fun but it's still using your bandwidth. So you want to make your no-hotlinking image as small (in bytes) as possible. Most of the time this means an indexed png rather than a jpg. Mine for example is a 16-color png that weighs in at 2.4K even though physically it's pretty big. I could shave a further .4K by cutting it back to 4 colors, but haven't got around to it yet.

Remember, you're not saying "Dear visitor, I would be ever so grateful if you would kindly refrain from linking directly to my image" with a delicately tinted jpg to convey the polite message. You're saying "Get your filthy ### paws out of my ### bandwidth right ### now and put the ### picture on your own ### space if you think it's so ### irresistible." :)

g1smd

8:18 am on Jul 14, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Or (if this is the part you didn't understand), remove the "R" from your RewriteRule. It only needs to say:

RewriteRule \.(gif|jpe?g|png)$ http://example.com/i23/myimage.jpg [NC,L]

If the target contains a domain name then it is still a 302 redirect.

Remove BOTH the R and the domain name from the rule target. Only then is it an internal rewrite.

lucy24

7:32 pm on Jul 14, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Whoops, rewind.

This is assuming that the image you're pointing to actually lives in your domain. Got mixed up on the names there. If you've got more than one domain, you need to put a separate "Get your ### hotlinks out of here" image in each one.

Sending everyone to the same domain would cost you more in bandwidth than it saves in disk space.

Retro_Alfa

8:33 am on Jul 18, 2011 (gmt 0)

10+ Year Member



ok, I need a little more help. My hosting company has forbidden me to change my htaccess file any more. I have successfully crashed my website 3 times and probably raise the server load.

I have a few more questions:

Why should I not send my hotlinkers to another image host?

Escape ALL literal periods in patterns. <- I don't quite understand this, I think that my english is good but I can't figure this out.

Your code generates a 302 redirect to a different URL. You should use an internal rewrite instead. <- can you please explain this in more detail

lucy24

3:08 pm on Jul 18, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



My hosting company has forbidden me to change my htaccess file any more. I have successfully crashed my website 3 times and probably raise the server load.

Been there. Done that. :) Well, except for the "my hosting company has forbidden" part. Mine doesn't get involved.

Why should I not send my hotlinkers to another image host?

If the other site belongs to you, you're spending more in bandwidth than you're saving in disk space. If it doesn't belong to you, then you're also guilty of hotlinking. (This is legitimate in some circumstances but probably not here.) Take a copy of the image and park it in your own domain.

Escape ALL literal periods in patterns.

<- I don't quite understand this, I think that my english is good but I can't figure this out.

"Escape" means precede it with a backslash so the Regular Expression interprets it as the period character . rather than as "any one character" which is what . means in RegEx.

Your code generates a 302 redirect to a different URL. You should use an internal rewrite instead.
<- can you please explain this in more detail

The reference is to this line 

RewriteRule .(gif|jpg|jpeg|png)$ http://lulzimg.com/i23/myimage.jpg [NC,R,L]


You've made it into a Redirect in two different ways: By giving the full domain name in the target, and by including the [R] at the end. When you have hotlinks, you don't want and don't need to redirect (to officially send the hotlinker to a new location). You just need to physically display a different image.

:: how come everyone except me can figure out how to make their code display in a nice big fixed-pitch font? :( ::

g1smd

10:39 pm on Jul 18, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Redirect: 
RewriteRule \.(gif|jpe?g|png)$ http://example.com/i23/myimage.jpg? [NC,R=301,L]


Rewrite: 
RewriteRule \.(gif|jpe?g|png)$ /i23/myimage.jpg [L]


The [ code ] and [ /code ] tags are your friend.

Retro_Alfa

6:22 am on Jul 19, 2011 (gmt 0)

10+ Year Member



Thanks so much for replying, I understand it better now.
next try :D
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 10:50 pm May 1, 2026