Welcome to WebmasterWorld Guest from 34.204.168.57

Forum Moderators: Ocean10000 & phranque

Message Too Old, No Replies

Selective image redirection using mod_rewrite

     
2:04 am on Aug 20, 2003 (gmt 0)

Full Member

10+ Year Member

joined:Aug 20, 2003
posts:255
votes: 0


Newbie to mod_rewrite here.

What's wrong with this code?


RewriteEngine On


RewriteCond %{HTTP_REFERER} ^http://([a-z0-9-]+\.)*UnauthorizedDomain.com/ [NC]
RewriteRule ^.*$ http://www.mydomain.com/NastyImage.gif [L,R]


RewriteCond %{HTTP_REFERER}!^http://([a-z0-9-]+\.)*mydomain.com/ [NC]
RewriteCond %{HTTP_REFERER}!^$
RewriteRule ^.*$ http://www.mydomain.com/DefaultImage.gif [L,R]

This code is in a .htaccess file in an image directory.

I'm trying to display a specific image (NastyImage.gif in this case) to visitors from UnauthorizedDomain.com. Visitors from sites other than from UnauthorizedDomain.com and mydomain.com would be shown DefaultImage.gif.

Or that's how I thought it would work. Unfortunately, everyone sees DefaultImage.gif.

3:15 am on Aug 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


closed,

Welcome to WebmasterWorld [webmasterworld.com]!

Try a simplified version:
(You may also need to add the first line)


Options +FollowSymLinks
RewriteEngine On

RewriteCond %{HTTP_REFERER} !^http://.*mydomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .* http://www.mydomain.com/AlternateImage.gif [L]

This reads, "If the referer is NOT mydomain.com and is NOT blank, then serve the alternate image using an internal redirect." Note that literal periods in patterns need to be escaped with a backslash (e.g. mydomain\.com).

Ref: Introduction to mod_rewrite [webmasterworld.com]

HTH,
Jim

3:57 am on Aug 20, 2003 (gmt 0)

Full Member

10+ Year Member

joined:Aug 20, 2003
posts:255
votes: 0


I don't know how that helps, because I know that the second block of code works (that's why DefaultImage.gif shows up).

Also, I'm guessing that you want me to write:


Options +FollowSymLinks
RewriteEngine On


RewriteCond %{HTTP_REFERER} ^http://.*UnauthorizedDomain\.com/ [NC]
RewriteRule .* http://www.mydomain.com/NastyImage.gif [L]


RewriteCond %{HTTP_REFERER}!^http://.*mydomain\.com/ [NC]
RewriteCond %{HTTP_REFERER}!^$
RewriteRule .* http://www.mydomain.com/AlternateImage.gif [L]

So that people from UnauthorizedDomain.com see NastyImage.gif? Right?

Well, I tried it, and that doesn't work either.

4:18 am on Aug 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


closed,

Are you trying to redirect BOTH "good" visitors (from your own domain) and "bad" visitors - those from another domain?

The code I posted above redirects bad guys, but lets the good guys through to whatever image they requested.

I goofed the destination URI format for the alternate image - it should have been a local path only. If all you want to do is serve bad guys the alternate image, then the following code, unchanged except for the addition of your domain name and the path to your alternate image, is all you need:


Options +FollowSymLinks
RewriteEngine On

RewriteCond %{HTTP_REFERER} !^http://.*mydomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .* /AlternateImage.gif [L]

This redirects anyone who requests files in the subdirectory where it resides and provides a referer that is not your own domain to the alternate image in your root directory.

If that doesn't work, you may wish to try a few very simple test cases to make sure mod_rewrite is working on your server.

Jim

4:27 am on Aug 20, 2003 (gmt 0)

Full Member

10+ Year Member

joined:Aug 20, 2003
posts:255
votes: 0


Well, what I'm trying to do is redirect:

1. the bad visitors from UnauthorizedDomain.com to NastyImage.gif
2. the good visitors (from mydomain.com and no referer) to the image they need
3. the bad visitors from all other domains to DefaultImage.gif

I know that mod_rewrite is working somewhat because right now, my code redirects:

1. ALL of the bad visitors (including those from UnauthorizedDomain.com) to DefaultImage.gif
2. the good visitors (from mydomain.com and no referer) to the image they need

4:43 am on Aug 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


closed,

Oh, sorry - I wasn't clear on the three-way branching.
That would make it:


Options +FollowSymLinks
RewriteEngine On
# If unauthorized domain, serve get lost image
RewriteCond %{HTTP_REFERER} ^http://.*UnauthorizedDomain\.com/ [NC]
RewriteRule .* /GetLostImage.gif [L]
# If not my domain and not blank referrer, serve alternate image
RewriteCond %{HTTP_REFERER} !^http://.*mydomain\.com [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .* /DefaultImage.gif [L]

If this doesn't work, check your raw error logs and see what path the redirect is using to request the image. You may need to add a RewriteBase directive (see Apache mod_rewrite documentation [httpd.apache.org]) to specify the correct filepath. the advantage of the internal redirect is that it does not require the "cooperation" of the client, it does not reveal the redirected image location, and it is faster.

Jim

5:26 am on Aug 20, 2003 (gmt 0)

Full Member

10+ Year Member

joined:Aug 20, 2003
posts:255
votes: 0


Yeah, that's pretty much what I did, except that instead of using:


RewriteRule .* /GetLostImage.gif [L]

I use:


RewriteRule .* http://www.mydomain.com/GetLostImage.gif [L,R]

The main reason I do that is because there are some redirects to the domain, which make addresses like [mydomain.com...] a subdomain like [someDirectory.foreignHost.com....]

No errors on the error log, and the access log shows that DefaultImage.gif is correctly accessed for all visitors except those from my domain and no referer. GetLostImage.gif doesn't show up when I try linking to it from a page on UnauthorizedDomain.com.

Are you stumped like me now? :)

2:49 pm on Aug 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


closed,

No, still a couple of other things to try...

  • Carefully compare the referrer string in your logs to the pattern for UnauthorizedDomain. If the request referer isn't matching, the rule can't work. (I know this is obvious, but when I have problems w/mod_rewrite, it's 95% typos and only 5% logic and syntax problems.)

  • Every time you do an image load to test this code, flush your browser cache first. For long sessions, disable it. In order for mod_rewrite to affect the displayed image, the image must be requested from your server. If it's cached, it won't be requested from your server, it'll simply be returned from the local cache. So any "incorrect" image that gets cached while testing rewrites that don't work will hang around and make the later rewrites that do work look like they're broken, too.

    Even if you have previous or subsequent rewrites, you can use an internal redirect to gain the benefits I outlined, by re-arranging the order of your Rules sections and allowing rewriting to continue by removing the [L] flag. If you want to do an external redirect, that's fine - I just thought I'd point out the advantages of doing it internally... Keeps 'em wondering what happened. ;)

    Jim

  • 4:55 pm on Aug 20, 2003 (gmt 0)

    Full Member

    10+ Year Member

    joined:Aug 20, 2003
    posts:255
    votes: 0


    Jim,

    My fault. It was a logic problem. This code works exactly how I want it now:


    Options +FollowSymLinks
    RewriteEngine On


    RewriteCond %{HTTP_REFERER} ^http://.*UnauthorizedDomain\.com/ [NC,OR]
    RewriteCond %{HTTP_REFERER} ^http://.*UnauthorizedDomain2\.com/ [NC,OR]
    RewriteCond %{HTTP_REFERER} ^http://.*127\.0\.0\.1/ [NC]
    RewriteRule .* http://www.mydomain.com/GetLostImage.gif [L,R]


    RewriteCond %{HTTP_REFERER}!^http://.*mydomain\.com/ [NC]
    RewriteCond %{HTTP_REFERER}!^http://.*127\.0\.0\.255/ [NC]
    RewriteCond %{HTTP_REFERER}!^$
    RewriteRule .* http://www.mydomain.com/DefaultImage.gif [L,R]

    I forgot to add the OR when I added my test domain to the list.

    Now, a few optimization questions:
    1. Isn't Options +FollowSymLinks unnecessary since it worked before even without that line?
    2. Which is faster when comparing the dot before the .com: \. or .?
    3. Which is faster for the RewriteCond lines with an IP address: [NC] or no [NC]?

    5:22 pm on Aug 20, 2003 (gmt 0)

    Senior Member

    WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

    joined:Mar 31, 2002
    posts:25430
    votes: 0


    closed,

    > 1. Isn't Options +FollowSymLinks unnecessary since it worked before even without that line?

    True, that's why I said you might need to add it. But if mod_rewrite works without it, then you don't need it, because the option has already been enabled in a higher-level .htaccess, or at server level in httpd.conf.

    > 2. Which is faster when comparing the dot before the .com: \. or .?

    Well, "." would be faster, but it will match any single character, possibly leading to problems later. Don't worry too much about mod_rewrite parsing performance issues; mod_rewrite is VERY fast compared to any scripts you might run or any external redirect (which requires "handshaking" between the client and the server). Also, if a rewrite is in a subdirectory, then it affects performance in that subdirectory only.

    > 3. Which is faster for the RewriteCond lines with an IP address: [NC] or no [NC]?

    [NC] means "do a case-insensitive pattern match" and so is meaningless when matching an IP address. Leave it off those lines.

    Glad you got it working!
    Jim

    5:47 pm on Aug 20, 2003 (gmt 0)

    Full Member

    10+ Year Member

    joined:Aug 20, 2003
    posts:255
    votes: 0


    Jim,

    Thanks for the support, and for taking the time to help me out.