The code is, with names changed to protect the guilty:
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(www\.)?domain1\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?domain2\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?profile\.domain3\.com [NC]
RewriteRule [^/]+\.(gif|png|jpg)$ - [F]
I am using a cgi script 404helper.cgi which is referred to in the root directory htaccess file and which helpfully sends me details of all 404 errors by regular e-mails. Some 404s are getting listed where the referring domain is a banned domain - but not many!
Is the above code correct?
Any idea why some leeching is getting through?
Martin Sach
*All* requests appear in the log, unless you use mod_log_config and additional directives to implement conditional logging. What's important is your server's response. Normal (successful) requests will result in a 200-OK response, while blocked requests will show a 403-Forbidden response. Either will result in a broken image icon being shown on the hotlinker's site.
That's what the [F] flag in your code does: it generates a 403 response. However, this may only occur for requests for files that exist -- I'm not sure. But either way, whether the server issues a 403 or a 404, the request is unsuccessful, and your goal is met.
As with any referrer-based access control, this code can fail if the referrer is blank. It's a bad idea to block blank referrers, though, because many users behind corporate and ISP caching proxies will cause requests to be made to your server with the referrer info missing, and they cannot do anything about it. That's just the way it is, and this limitation can only be overcome by using more sophisticated cookies and/or script-based methods to enforce access control for images.
Jim
The remaining puzzle is why a few (not many) file requests seem to get through to the extent that they register in the 404helper.cgi log, but I suppose this is not really important. Thanks for helping!
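An added example, not code from either poster: a Python emulation of the rule set quoted at the top of the thread, run over constructed requests, showing which combinations of path and referrer the rules answer with 403 and which fall through to normal handling (where a missing file would produce a 404). The sample paths and referrers are assumptions made up for illustration, and Python's `re` stands in for Apache's regex engine.

```python
import re

# The three referrer conditions from the posted rules ([NC] = case-insensitive, joined by OR).
REFERER_CONDS = [
    r"^http://(www\.)?domain1\.com",
    r"^http://(www\.)?domain2\.com",
    r"^http://(www\.)?profile\.domain3\.com",
]
# RewriteRule pattern from the post, with the pipe characters restored and the dot escaped.
# The rule carries no [NC] flag, so it is matched case-sensitively.
RULE_PATTERN = r"[^/]+\.(gif|png|jpg)$"


def is_forbidden(path, referer):
    """Return True when the posted rules would answer 403 for this request."""
    # In a root .htaccess file the leading slash is stripped before the rule is matched.
    rule_hit = re.search(RULE_PATTERN, path.lstrip("/")) is not None
    cond_hit = any(re.search(p, referer or "", re.IGNORECASE) for p in REFERER_CONDS)
    return rule_hit and cond_hit


# Constructed sample requests (path, Referer header); not taken from any real log.
SAMPLES = [
    ("/img/cat.jpg", "http://www.domain1.com/page.html"),   # listed domain, listed extension
    ("/img/cat.jpg", "http://DOMAIN2.com/"),                # [NC] makes the host case-insensitive
    ("/img/cat.JPG", "http://www.domain1.com/page.html"),   # upper-case extension
    ("/img/cat.jpeg", "http://www.domain1.com/page.html"),  # extension not in the list
    ("/img/cat.jpg", "https://www.domain1.com/page.html"),  # https referrer vs ^http://
    ("/img/cat.jpg", "http://forum.domain1.com/thread"),    # other subdomain
    ("/img/cat.jpg", ""),                                   # blank referrer
]


def report(samples=SAMPLES):
    """Classify each sample as blocked (403) or passed on to normal handling."""
    return [(path, referer, "403" if is_forbidden(path, referer) else "served or 404")
            for path, referer in samples]


if __name__ == "__main__":
    for path, referer, outcome in report():
        print(f"{outcome:14} {path:14} referer={referer or '(blank)'}")
```

Only the first two samples are refused; the rest reach normal request handling even though four of them carry a referrer on a listed domain.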