Block Wget from Grabbing Images

Forum Moderators: phranque

Message Too Old, No Replies

Block Wget from Grabbing Images

blocking wget

Perkmeister

6:12 pm on Jan 11, 2005 (gmt 0)

Using an .htaccess file, I need to be able to block wget from downloading for a certain directory (ie /photos). I have tried the following code in an .htaccess file in the directory in question, but have not had a lot of luck.

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^Wget
RewriteRule ^.* - [F]

Any suggestion or pointers at this point would be greatly appreciated. I am relatively new to the mod_rewrite world and still learning.

Thanks,
David

kalos

6:55 pm on Jan 11, 2005 (gmt 0)

While that may work, you are able to set the user agent via a command line arguement in wget so it would only stop lazy scripters. If someone wants the images, they will find a way.

Perkmeister

7:07 pm on Jan 11, 2005 (gmt 0)

The problem is that it is not working and here is the error that I am getting...

Server error!
The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script.
If you think this is a server error, please contact the webmaster
Error 500

Error Log:
.../photos/.htaccess: RewriteEngine not allowed here

The lazy ones are the ones that I currently want to stop.

bcolflesh

7:27 pm on Jan 11, 2005 (gmt 0)

Perhaps your hosting is setup to only allow .htaccess in the root of your web directory.

Perkmeister

7:54 pm on Jan 11, 2005 (gmt 0)

I know that is not the problem because I am using an .htaccess file in a different subdirectory for authentication purposes and it works fine. I can get the authentication to work in the /photos directory but as soon as I add the Rewrite stuff, it dies.

David

jdMorgan

11:45 pm on Jan 11, 2005 (gmt 0)

Since your code bans access to all resources, this my be interfering with other functions, such as serving custom error pages.

Try making the code more specific by including a filetype that will prevent problems serving error pages.


RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^Wget
RewriteRule \.jpg$ - [F]

You might also want to check your server error log -- it will usually tell you what the problem is.

Jim

Perkmeister

12:06 am on Jan 12, 2005 (gmt 0)

Thanks for the suggestion. As it turns out, I had to add...

AllowOverride FileInfo

to my VirtualHost configuration to get it to work. Thanks for the help.

David

whoisgregg

2:32 am on Jan 12, 2005 (gmt 0)

you are able to set the user agent via a command line arguement in wget so it would only stop lazy scripters

Or via a checkbox in the available wget GUI's out there, increasing the quantity of successful lazy image thieves out there. :(

jdMorgan

3:32 am on Jan 12, 2005 (gmt 0)

Blocking by user-agent and/or by http_referrer is easy and convenient, but not terribly effective. It won't stop technically-savvy pilferers, but it will stop quite a few attempts. And it's easy to do; Its cost/benefit ratio is positive.

For the technically-savvy intruders, there are less-efficient but more powerful approaches such as the various 'bad-bot' trap scripts posted here on WebmasterWorld which control access based on robots.txt enforcement and frequency of access. Beyond that, you have passwords, cookies, and sessions. Even those methods are not 100% reliable.

But that doesn't mean you shouldn't try. And should you end up prosecuting a copyright case, the fact that you did try and the defendant had to make an effort to defeat your safeguards will weigh positively on the outcome.

Jim

Perkmeister

3:50 am on Jan 12, 2005 (gmt 0)

Exactly...

The simple task of blocking by user agent and referrer will easily eliminate 50-60% of my pilferers, possibly even a higher percentage than that. The more technical pilferers will find a way to get what they want using one method or another, so trying to prevent them is really a lost cause.

David