Welcome to WebmasterWorld Guest from

Forum Moderators: keyplyr & mack

Message Too Old, No Replies

Anti-image leeching with .htaccess

12:01 pm on Oct 29, 2002 (gmt 0)

Full Member

10+ Year Member

joined:Aug 2, 2002
votes: 0

My site is a huge photogallery and I just opened a new domain (mydomain2) where I plan to simply keep JPG images. I'll use this second site as a source of bandwidth. When you call an HTML page of the first site the corresponding JPG is loaded from the second site.

I'd like to prevent image leeching and only allow GET requests for JPG images of the second site if the referrer is from the first site (or if it's Google). I might use the following rule:

RewriteEngine on
RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://(www\.)?mydomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER}!^http://www\.google\..*$ [NC]
RewriteRule \.(jpg¦JPG)$ [mydomain.com...] [R,L]

But how do I prevent somebody from viewing an image by directly entering a URL like this:


In other words I'd like to allow GET requests for JPG images from the second domain only if they come from the first domain - not if they are direct requests (and of course not if they are from another domain). How to do this?

11:18 pm on Nov 7, 2002 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 23, 2000
votes: 0

Bumping this thread for you scooter. Don't have the answer myself...anyone?
11:37 pm on Nov 7, 2002 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
votes: 0


Well, with .htaccess, you really can't... Your first RewriteCond is needed to allow your site to be viewed through proxy caches. If you take it out, then anyone without a referer won't be able to view your site. Many proxy caches block referers... And that looks the same as a directly-entered URL. :(

Also, remember that "anything.*$ [NC OR] is the same as "anything [NC,OR]" - just leave off the end anchor.