Forum Moderators: phranque
Thanks to this forum, and specifically this thread [webmasterworld.com], I was successfully able to block people from remotely linking to my images and zip files. I had to use the one Jim listed for people unable to use Mod_Rewrite.
Specifically this one:
# Block image hot-linkers
SetEnvIf Referer "^$" allowimage
SetEnvIfNoCase Referer "^http://(www\.)?purrsiathunder\.net" allowimage
# Put your server's IP address in the next line
SetEnvIfNoCase Referer "^http://69\.57\.152\.50" allowimage
<FilesMatch "\.(zip gif jpe?g GIF JPE?G)$">
order allow,deny
allow from env=allowimage
</FilesMatch>
What I'm wondering now is how to add a few modifications I've seen for Mod_Rewrite versions of that script. I found scripts that would, for instance, allow you to make exceptions for yourself -- say if you had an ezboard account and wanted to allow yourself to remote link an avatar or sig pic. I've seen examples of how to do this with the Mod_Rewrite style, but have no clue how to (or even if it's possible to) add a line to get the same effect in the above code.
Also, I've likewise seen how those using Mod_Rewrite can insert a line of code that will make a specified image show up in place of the image that was trying to be remotely linked. How would I add that sort of thing to the above script?
Thanks in advance for any help that's provided.
Welcome to WebmasterWorld [webmasterworld.com]!
How you make exceptions depends upon the exact details of the exception. In the code above, all accesses referred by your site are allowed, and any restrictions apply only to the images listed in the <FilesMatch> section. So, you can add another SetEnvIf directive to create an additional exception based upon Remote_Address, Remote_Host, Request_URI, or any other HTTP header-based information, or you can narrow the definition of files affected by the code by tweaking the regular expressions [etext.lib.virginia.edu] inside the <FilesMatch> directive.
You can also create a second variable, set it based upon the same header-based information, and then test for it in a Deny from directive, with allow/deny precedence controlled by the existing Order directive.
The best guide to mastering this is the Apache documentation [httpd.apache.org] itself - and a good bit of experimentation.
As to substituting images, you can't do that with this approach. The ability to do a conditional redirect is one of the main attractions of mod_rewrite.
Jim
I'm glad I found this place. It's proving to be most helpful.
I'll look into those suggestions. It's too bad that only Mod_Rewrite allows me to replace the hotlinked image with something of my own making. Even so, I'm just glad I can block those bandwidth-suckers once and for all!
