Forum Moderators: phranque
I ignored their hits when its bandwidth consumption was quite low but now it is going on increasing day by day and had reached almost around 200+ hits from each forum.
I then tried blocking all those hot links with regular htaccess formula allowing only my website to show JPG/BMP images and banning all the rest of the websites with or without referrer header (I know it sound very rude but I had to do that to preserve my bandwidth for the rest of the February).
The code goes like this:
RewriteEngine on
RewriteCond %{HTTP_REFERER}!^http://(www\.)?mysite\.com [NC]
RewriteRule \.(bmp¦jpg)$ /leech.gif [NC,L]
I intentionally kept leech.gif as a replacement image as I was having only that GIF file on my website.
This worked really well and blocking almost all the hot linking request outside of my domain.
Soon I realized that I am banning Google Image Bot + Google Image Search and other picture search engines which were driving good traffic to my website. I reversed the htaccess formula and tried blocking only that forum websites from hot linking, using the following code:
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://(www\.)?hotlinkingsite\.com [NC]
RewriteRule \.(bmp¦jpg)$ /leech.gif [NC,L]
However, to my surprise it did not worked at all! I tried removing regular expressions but did not help.
RewriteCond %{HTTP_REFERER} hotlinkingsite\.com [NC]
Could anyone please suggest what is going wrong or am I missing out something unnoticeable mistake in my code?
Just to inform you all that I have taken all the precautions of flushing cache from IE, checking mod_rewrite and double checking all the logs, etc.
Any suggestion in preserving my bandwidth from hot linking is greatly appreciated.
RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite\.com [NC]
RewriteRule \.(bmp¦jpg)$ /leech.gif [NC,L]
Jim
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://(www\.)?hotlinkingsite\.com [NC]
RewriteRule \.(bmp¦jpg)$ /leech.gif [NC,L]
I want your suggestion about the above code. I implemented it but it is not working as it should be, it still allows hot linking form hotlinkingsite.com.
About bots, how about adding this extra line to allow them to see my images.
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://(www\.)?hotlinkingsite\.com [NC]
RewriteCond %{HTTP_USER_AGENT}!^(psbot¦googlebot¦slurp¦msnbot) [NC]
RewriteRule \.(bmp¦jpg)$ /leech.gif [NC,L]
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://(www\.)?hotlinkingsite\.com [NC]
RewriteRule \.(bmp¦jpg)$ /leech.gif [NC,L]
I don't at all mean to be flippant, but I see no other explanation for why the code would not work. Since you said that the code I posted above works, that implies that mod_rewrite generally works on your server. So all I'm left with is the annoying problem we have here with pipe characters changing when posted. A solid pipe means "OR" to the regular-expresions parser, whereas a broken pipe simply matches literal broken pipe character...
Any time you successfully display the hotlinked image in your browser, you need to flush your browser cache before making a subsequent test that should fail to load and display the image. If you don't flush the cache, then your browser will display the cached image; It won't even try to load the image from your server. If the browser doesn't send a request to the server, then the server can't block that request. The same is true once you've displayed the hotlink-replacement image -- Flush the cache before the next test.
You can turn off your browser cache, or mark the image as uncacheable by using Apache mod_headers to add a cache-control header when the image is served.
I guess I should add that the code example won't work to block the hotlinking of a gif image, unless you add an exclusionary RewriteCond to prevent a rewrite loop.
Other than these points, I'm out of ideas.
Jim
My conclusion is that mod_rewrite is only parsing negate expressions
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite\.com [NC]
and not parsing simple matching expressions
RewriteCond %{HTTP_REFERER} ^http://(www\.)?hotlinkingsite\.com [NC]
Even I am not getting how this could be possible!
Finally, I gave up on matching to specific referrer and now I am planning to allow my domain, search engine domains and search engine bots to see my images.
How about this code? Is it fine and error free? I cannot test this against all the referrer except my own domains so please do suggest any correction for this code.
RewriteEngine on
RewriteCond %{HTTP_REFERER}!^http://(www\.)?mysite\.com [NC]
RewriteCond %{HTTP_REFERER}!^http://(www\.)?.*(google¦yahoo¦msn¦ask¦lycos¦alexa) [NC]
RewriteCond %{HTTP_USER_AGENT}!^.*(psbot¦googlebot¦slurp¦msnbot¦teoma¦lycos¦ia_archiver¦spider¦crawler¦bot) [NC]
RewriteRule \.(bmp¦jpg)$ /leech.gif [NC,L]
It's not possible -- as long as the regular-expressions library and Apache installation on your machine is not corrupted. If the single-referrer code we discussed just preceding does not work when installed and tested exactly as shown, then there's something fundamentally wrong with your server.
Your new code looks OK, although you can write "!^.*(psbot..." as "!(psbot..." to save some processing time.
Jim
Taken note of your last suggestion and accordingly changed the final code.
Thank you very much for all the prompt and effective replies. Good day Jim.
