closed,

Welcome to WebmasterWorld [webmasterworld.com]!

Try a simplified version:
(You may also need to add the first line)

Options +FollowSymLinks
RewriteEngine On
 
RewriteCond %{HTTP_REFERER} !^http://.*mydomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .* http://www.mydomain.com/AlternateImage.gif [L]

This reads, "If the referer is NOT mydomain.com and is NOT blank, then serve the alternate image using an internal redirect." Note that literal periods in patterns need to be escaped with a backslash (e.g. mydomain\.com).

Ref: Introduction to mod_rewrite [webmasterworld.com]

HTH,
Jim

I don't know how that helps, because I know that the second block of code works (that's why DefaultImage.gif shows up).

Also, I'm guessing that you want me to write:

Options +FollowSymLinks 
RewriteEngine On 

RewriteCond %{HTTP_REFERER} ^http://.*UnauthorizedDomain\.com/ [NC] 
RewriteRule .* http://www.mydomain.com/NastyImage.gif [L] 

RewriteCond %{HTTP_REFERER}!^http://.*mydomain\.com/ [NC] 
RewriteCond %{HTTP_REFERER}!^$ 
RewriteRule .* http://www.mydomain.com/AlternateImage.gif [L] 

So that people from UnauthorizedDomain.com see NastyImage.gif? Right?

Well, I tried it, and that doesn't work either.

closed,

Are you trying to redirect BOTH "good" visitors (from your own domain) and "bad" visitors - those from another domain?

The code I posted above redirects bad guys, but lets the good guys through to whatever image they requested.

I goofed the destination URI format for the alternate image - it should have been a local path only. If all you want to do is serve bad guys the alternate image, then the following code, unchanged except for the addition of your domain name and the path to your alternate image, is all you need:

Options +FollowSymLinks
RewriteEngine On
 
RewriteCond %{HTTP_REFERER} !^http://.*mydomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .* /AlternateImage.gif [L]

This redirects anyone who requests files in the subdirectory where it resides and provides a referer that is not your own domain to the alternate image in your root directory.

If that doesn't work, you may wish to try a few very simple test cases to make sure mod_rewrite is working on your server.

Jim

Well, what I'm trying to do is redirect:

1. the bad visitors from UnauthorizedDomain.com to NastyImage.gif
2. the good visitors (from mydomain.com and no referer) to the image they need
3. the bad visitors from all other domains to DefaultImage.gif

I know that mod_rewrite is working somewhat because right now, my code redirects:

1. ALL of the bad visitors (including those from UnauthorizedDomain.com) to DefaultImage.gif
2. the good visitors (from mydomain.com and no referer) to the image they need

closed,

Oh, sorry - I wasn't clear on the three-way branching.
That would make it:

Options +FollowSymLinks
RewriteEngine On
# If unauthorized domain, serve get lost image
RewriteCond %{HTTP_REFERER} ^http://.*UnauthorizedDomain\.com/ [NC]
RewriteRule .* /GetLostImage.gif [L]
# If not my domain and not blank referrer, serve alternate image
RewriteCond %{HTTP_REFERER} !^http://.*mydomain\.com [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .* /DefaultImage.gif [L] 

If this doesn't work, check your raw error logs and see what path the redirect is using to request the image. You may need to add a RewriteBase directive (see Apache mod_rewrite documentation [httpd.apache.org]) to specify the correct filepath. the advantage of the internal redirect is that it does not require the "cooperation" of the client, it does not reveal the redirected image location, and it is faster.

Jim

Yeah, that's pretty much what I did, except that instead of using:

RewriteRule .* /GetLostImage.gif [L]

I use:

RewriteRule .* http://www.mydomain.com/GetLostImage.gif [L,R]

The main reason I do that is because there are some redirects to the domain, which make addresses like [mydomain.com...] a subdomain like [someDirectory.foreignHost.com....]

No errors on the error log, and the access log shows that DefaultImage.gif is correctly accessed for all visitors except those from my domain and no referer. GetLostImage.gif doesn't show up when I try linking to it from a page on UnauthorizedDomain.com.

Are you stumped like me now? :)

closed,

No, still a couple of other things to try...

Carefully compare the referrer string in your logs to the pattern for UnauthorizedDomain. If the request referer isn't matching, the rule can't work. (I know this is obvious, but when I have problems w/mod_rewrite, it's 95% typos and only 5% logic and syntax problems.)

Every time you do an image load to test this code, flush your browser cache first. For long sessions, disable it. In order for mod_rewrite to affect the displayed image, the image must be requested from your server. If it's cached, it won't be requested from your server, it'll simply be returned from the local cache. So any "incorrect" image that gets cached while testing rewrites that don't work will hang around and make the later rewrites that do work look like they're broken, too.

Even if you have previous or subsequent rewrites, you can use an internal redirect to gain the benefits I outlined, by re-arranging the order of your Rules sections and allowing rewriting to continue by removing the [L] flag. If you want to do an external redirect, that's fine - I just thought I'd point out the advantages of doing it internally... Keeps 'em wondering what happened. ;)

Jim

Jim,

My fault. It was a logic problem. This code works exactly how I want it now:

Options +FollowSymLinks
RewriteEngine On 

RewriteCond %{HTTP_REFERER} ^http://.*UnauthorizedDomain\.com/ [NC,OR] 
RewriteCond %{HTTP_REFERER} ^http://.*UnauthorizedDomain2\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://.*127\.0\.0\.1/ [NC] 
RewriteRule .* http://www.mydomain.com/GetLostImage.gif [L,R]

RewriteCond %{HTTP_REFERER}!^http://.*mydomain\.com/ [NC] 
RewriteCond %{HTTP_REFERER}!^http://.*127\.0\.0\.255/ [NC] 
RewriteCond %{HTTP_REFERER}!^$
RewriteRule .* http://www.mydomain.com/DefaultImage.gif [L,R]

I forgot to add the OR when I added my test domain to the list.

Now, a few optimization questions:
1. Isn't Options +FollowSymLinks unnecessary since it worked before even without that line?
2. Which is faster when comparing the dot before the .com: \. or .?
3. Which is faster for the RewriteCond lines with an IP address: [NC] or no [NC]?

closed,

> 1. Isn't Options +FollowSymLinks unnecessary since it worked before even without that line?

True, that's why I said you might need to add it. But if mod_rewrite works without it, then you don't need it, because the option has already been enabled in a higher-level .htaccess, or at server level in httpd.conf.

> 2. Which is faster when comparing the dot before the .com: \. or .?

Well, "." would be faster, but it will match any single character, possibly leading to problems later. Don't worry too much about mod_rewrite parsing performance issues; mod_rewrite is VERY fast compared to any scripts you might run or any external redirect (which requires "handshaking" between the client and the server). Also, if a rewrite is in a subdirectory, then it affects performance in that subdirectory only.

> 3. Which is faster for the RewriteCond lines with an IP address: [NC] or no [NC]?

[NC] means "do a case-insensitive pattern match" and so is meaningless when matching an IP address. Leave it off those lines.

Glad you got it working!
Jim

Jim,

Thanks for the support, and for taking the time to help me out.