Welcome to WebmasterWorld Guest from 54.144.243.34

Forum Moderators: Ocean10000 & incrediBILL & phranque

htaccess Anti Hotlink question

htaccess Anti Hotlink question

   
8:48 pm on Apr 14, 2003 (gmt 0)

10+ Year Member



I have a question related tothe htaccess anti hotlink code:

I use this code in my htaccess file to stop hotlinkers;

RewriteEngine on
RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://MyWebSite.com/.*$ [NC]
RewriteCond %{HTTP_REFERER}!^http://wwWebmasterWorldebSite.com/.*$ [NC]
RewriteRule .*\.(gif¦GIF¦jpg¦JPG)$ [MyWebSite.com...] [R]

My question is if i add cgi¦pl to the RewriteRule .*\ line
would it then also automaticly stop other sites from using my cgi scripts?

i were thinking of chanhing the RewriteRule to :

RewriteRule .*\.(gif¦GIF¦jpg¦JPG¦cgi¦pl)$ [MyWebSite.com...] [R]

Othewr sites should be allowed to link tosome of my cgi scripts.but they may not runthem from there domains.

Will this work?

i look forward to your comments

8:54 pm on Apr 14, 2003 (gmt 0)

WebmasterWorld Senior Member drdoc is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I don't see why it wouldn't work :)
9:21 pm on Apr 14, 2003 (gmt 0)

10+ Year Member



I havent seen anyone using it like this ..
and it sounds in my head almost to good to be treu. ..
so thats why i asked it ;-)

hehe ok i go try it i will report the results.

10:39 pm on Apr 14, 2003 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member



StopSpam,

You can make the RewriteRule case-insensitive using the [NC] flag, and you probably should add an [L] flag. Since there is no start anchor, ".*" at the beginning of the pattern is no needed. Redirecting transparently (omitting the [R] flag) prevents them from easily figuring out what happened.


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?MyWebSite\.com/ [NC]
RewriteRule \.(gifŠjpe?g?ŠcgiŠpl)$ /no.gif [NC,L]

The pattern "http://(www\.)?MyWebSite\.com/" will match your site's domain, with or without "www." No trailing anchor or ".*" is needed.
The pattern "jpe?g?" will match jpeg, jpe, and jpg if you want to cover 'em all.

I would suggest handling your cgi and pl filetype blocks separately from the images. It will make no sense to a browser for a script request to be redirected to a .gif image file. Actually, I suggest creating a "dummy" file for each image type, and then using a rule like this:


RewriteRule .*\.(gifŠjpe?g?)$ /no.$1 [NC,L]

anything.gif gets redirected to no.gif
anything.jpg gets redirected to no.jpg
anything.jpe gets redirected to no.jpe
anything.jpeg gets redirected to no.jpeg

Alternately, you can just block them all and return 403-Forbidden


RewriteRule .*\.(gifŠjpe?g?ŠcgiŠpl)$ - [NC,F]

Summing up, with all the bells and whistles, you'd have:


RewriteEngine on
# redirect images
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?MyWebSite\.com/ [NC]
RewriteRule \.(gifŠjpe?g?)$ /no.$1 [NC,L]
# block scripts
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?MyWebSite\.com/ [NC]
RewriteRule \.(cgiŠpl)$ - [NC,F]

There's a way to combine and shorten these functions by using the [S] flag, but it's harder to maintain.

Jim

1:43 pm on Apr 15, 2003 (gmt 0)

10+ Year Member



Thx Jim ...
 

Featured Threads

Hot Threads This Week

Hot Threads This Month