Welcome to WebmasterWorld Guest from

Forum Moderators: brotherhood of lan & mack

Message Too Old, No Replies

Anti-image leeching with .htaccess



12:01 pm on Oct 29, 2002 (gmt 0)

10+ Year Member

My site is a huge photogallery and I just opened a new domain (mydomain2) where I plan to simply keep JPG images. I'll use this second site as a source of bandwidth. When you call an HTML page of the first site the corresponding JPG is loaded from the second site.

I'd like to prevent image leeching and only allow GET requests for JPG images of the second site if the referrer is from the first site (or if it's Google). I might use the following rule:

RewriteEngine on
RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://(www\.)?mydomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER}!^http://www\.google\..*$ [NC]
RewriteRule \.(jpg¦JPG)$ [mydomain.com...] [R,L]

But how do I prevent somebody from viewing an image by directly entering a URL like this:


In other words I'd like to allow GET requests for JPG images from the second domain only if they come from the first domain - not if they are direct requests (and of course not if they are from another domain). How to do this?


11:18 pm on Nov 7, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

Bumping this thread for you scooter. Don't have the answer myself...anyone?


11:37 pm on Nov 7, 2002 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member


Well, with .htaccess, you really can't... Your first RewriteCond is needed to allow your site to be viewed through proxy caches. If you take it out, then anyone without a referer won't be able to view your site. Many proxy caches block referers... And that looks the same as a directly-entered URL. :(

Also, remember that "anything.*$ [NC OR] is the same as "anything [NC,OR]" - just leave off the end anchor.



Featured Threads

Hot Threads This Week

Hot Threads This Month