httaccess file for allow picking up files only from my website?

Forum Moderators: phranque

Message Too Old, No Replies

httaccess file for allow picking up files only from my website?

Limits in the access of an external folder

ceglobal

9:27 am on May 25, 2005 (gmt 0)

Dear all,

Our main website store videos in one especific folder of an other host/server. I need to block the direct access to this videos, mainly for people who use "bad" robots like Website Extractor, but allow people who go from the liks placed in my main website.

I used an .htaccess file in the folder of the videos with the following lines but it did not work:

order deny,allow
deny from all
allow from .my_main_web_site.com

¿What is the best way to provide access from my website but limit the access from direct visitors?

Maria

jd01

6:33 pm on May 25, 2005 (gmt 0)

You might try smething like this on the site that hosts the files:

RewriteEngine on
RewriteCond %{HTTP_REFERRER} !^(www\.)?yoursite\.com
RewriteRule . - [F]

If the referrer is not yoursite.com or www.yoursite.com, the condition will be true and the request will be forbidden. If the referrer is correct, the condition will fail and the request will be processed. Your users will have to use a browser that sends referrer headers, but maybe you could indicate that on the main site?

You could add a 'bad useragent' list also:

RewriteCond %{HTTP_USER_AGENT} badbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} badbot2 [NC,OR]
RewriteCond %{HTTP_USER_AGENT} badbot3 [NC]
RewriteRule . - [F]

Hope this helps.

Justin

[edited by: jd01 at 6:34 pm (utc) on May 25, 2005]

sitz

6:34 pm on May 25, 2005 (gmt 0)

There are numerous examples of how to do this in the list archives [google.com] (as searched by Google).