Acecool,

Take a look at the Apache documentation [httpd.apache.org], specifically mod_access [httpd.apache.org] and mod_rewrite [httpd.apache.org]. These two modules offer two different ways to restrict access to your site. mod_access is simpler, while mod_rewrite is more powerful.

Also, see the bottom of this Apache page [httpd.apache.org].

Then take a look around here on WebmasterWorld for many working examples (use the site search).

HTH,
Jim

Do I detect a change in your answering policy, Jim?

I dont really understand the tutorials...

Would this be the entire .htaccess file

<Directory>
Order Allow,Deny
Allow from all
Deny from x.com
</Directory>

I dont really understand the tutorials

If you could be a bit more specific about the parts you do not understand I´m sure somebody here could help you.

Andreas

Well

I need a .htaccess file to be placed in /folder1 to disallow ALL access from x.com x2.com x3.com and allow from ALL other websites :-/

Acecool,

<directory> won't work in .htaccess, but <files> will.

Also check out the SetEnvIf [httpd.apache.org] directive if you need to block by anything other than the IP address of the requester.

And remember to try a WebmasterWorld site search [searchengineworld.com], as this question has been answered at length and in detail many times.

Jim

I tried a few re write ones and they work BUT

for example the prevent image hot linking

it works BUT only if the user clicks on a link on my site

if they press F5 it shows no images hmm

Im a total n00b at .htaccess :-(

Trying to learn BUT

What would the entire htaccess file look like? lol Im trying tuts and all that :-/

EDIT

I tried the site search
Get tons of pages some I really do not understand
When I try to reply or aska question the topic is too old
Then sometimes the site times out and have to REsearch

Welcome to WebmasterWorld Acecool!

This thread [webmasterworld.com] discusses blocking hotlinks and should get you started.

.htaccess is a simple text file with one directive per line. These directives can control many aspects of your site. An .htaccess in the root of your site defines behaviors for the entire site, an .htaccess file can be used in subdirectories on your site to manage the behaviors of that specific subdirectory too.

Sounds like you have a good deal to learn. We'll try to help!

[edited by: DaveAtIFG at 10:23 pm (utc) on Dec. 10, 2002]

Acecool,

Can you describe the problem more specifically? For example, is the problem limited to images, or is it images and html pages, too?

I assume that you want to block accesses referred by other sites, but if they are linking to your html pages, then you can't really do that unless you want to lose that traffic. If you block an image, then the image can't be included on another site's page, unless you allow it specifically. If you block link referrals, then visitors cannot get from that site to your site, i.e. using clicking on the link on the other site will result in a 403-Forbidden message for the visitor.

Fixing the problem may be easy, but defining the problem is hard; Reading the other posts may lead you to recognize one that discusses your problem. If not, you will at least pick up some of the ".htaccess vocabulary" needed to frame your question specifically.

Jim

I want to allow all referers EXCEPT for the people who are linking to Xfile.exe xfile.zip whatever
without giving me correct credit for hosting that file lots of sites are saying THEY are hosting, some are even charging for membership and not giving correct credit.

I just need something to allow me to choose what sites can link to my site/files and which ones get say an error, or get redirected to site_leecher.php or something

WOOHOOOOO

I got it

Thank you so much for your help :-)

Hi Acehole,

I am also fairly new to this, but have the exact opposite problem. I don't want any body to have access to specific directories other than from people linking from a specific site.

The reason is I have a partnership where I share content with another member site, but I host the content. So, I only want users that come from my partner's site to be able to access my members area and of course my members should have access.

How do I do this? Do I use .htaccess? Is this the same issue but in reverse? What was your solution?

Thanks for all of the help.
Preston

-- I'm a Windows Programmer trying to convert to Unix/Linux :)

venture,

As hinted at in a previous post in this thread, we try to steer people in the right direction, but generally try to avoid re-writing the same tutorials and "help-fix-my-site" posts repeatedly. Please see the links in message number 2 above (in this thread), and this Introduction to mod_rewrite [webmasterworld.com] for some very useful information.

To answer your specific question, yes, you can use .htaccess to "sort of" fix your problem. The reason I say "sort of" is that using HTTP_REFERER is not a totally reliable method for controlling access; Many browsers, proxy servers, and packages like Norton Internet Security will block referrer information. So, the best you can do is to allow access for your members, visitors from the other site you mention, and visitors whose browsers provide no referrer information.

If you block referrer-less accesses, you will have a lot of problems with blocking legitimate users, and you'll spend a lot of time playing "help desk." I would suggest allowing referrer-less access, and handling problems with unwanted visitors in another way, such as by blocking their IP addresses.

Hope this helps,
Jim

This did help a lot. You sent me in the right direction, which helped me to understand how to go about this.

Thanks.
Preston

RE: Hi Acehole,

Its Acecool

I have this in my htaccess file and only this, just save as .htaccess and put in the dir BUT you must put your domain in, and ip (open cmd prompt or msprompt whatever and type ping xxx.com org whatever)

RewriteEngine On 
RewriteCond %{HTTP_REFERER}!^http://([a-z0-9-]+\.)*XXXXXXXXXXXXXXXXXXX.com/ [NC] 
RewriteCond %{HTTP_REFERER}!^http://([a-z0-9-]+\.)*PPP.PPP.PPP.PPP/ [NC] 
RewriteCond %{HTTP_REFERER}!^http://([a-z0-9-]+\.)*XXXXXXXXXXXXXXXXXXX.net/ [NC] 
RewriteRule ^.*$ http://www.XXXXXXXXXXXXXXXXXXX.com/site_leecher.php [L,R] 

Replace
XXXXXXXXXXXXXXXXXXX

and replace the
PPP.PPP.PPP.PPP
with your sites ip address

Hope this helps

... and to avoid problems with referrer-less visitors, add another condition:

RewriteCond %{HTTP_REFERER} !^$

to the conditions above (order doesn't matter).

Note that a space is required between "REFERER}" and "!" in all RewriteConds! (The WebmasterWorld software eats the space when making a post, unless you use two.)

(We'll just hope venture was thinking "ace-in-the-hole") :)

Jim

Thanks JD :-)

Now I can protect my images :-))))

AceCool,

Sure, and make sure you check out this recent post [webmasterworld.com] - it comes in right handy as a second line of defense.

Jim

I actualy tried that, and tried dling my site with blackwidow

didnt do anything :-/

If I tried going trap.cgi it gave me a 500 error

I tried dif chmod settings but didnt work :-/

acecool,

Make sure you edit the script and change all broken vertical pipe "¦" characters to solid vertical pipe characters (the one on your keyboard). The WebmasterWorld posting software seems to modify them, and this is a common cause of 500 errors in scripts and .htaccess stuff copied from this board. If this is not the problem, what did your error log say?

Jim

[edited by: jdMorgan at 6:46 pm (utc) on Dec. 31, 2002]

Wow

This is great :-)

I changed those and chmodded it dif. and now it works 100%

hehehehehehe :-))))))))) A new TOY wooohoooo