1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 2:17 am May 2, 2026

Forum Moderators: phranque

Message Too Old, No Replies

block media in a directory

mod_rewrite HTTP_REFERER

         

troot

2:35 pm on May 25, 2005 (gmt 0)

10+ Year Member



hi all,

I have the following settings I'm trying to get to work:
RewriteEngine on
ErrorDocument 403 /tmp/err.html
RewriteLogLevel 9
RewriteLog "c:/reflog.log"
RewriteCond %{HTTP_REFERER}!^$ [OR]
RewriteCond %{HTTP_REFERER}!^http://localhost/*\.php$ [NC]
RewriteRule /locked_down/*(.jpg¦.jpeg¦.gif¦.png¦.swf)$ - [F]
Can anybody give any suggestions on how to get it working properly? The required functionality is, if somebody requests any of the specified media, but it isn't coming from a php page on my site, send a forbidden message.

I know it is possible to circumnavigate this method and it has one or two other flaws, but I believe it will do for my purposes.

Troot

jdMorgan

3:53 pm on May 25, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



troot,

Welcome to WebmasterWorld!

First, remove the [OR] from the first RewriteCond. You want the rule applied if the Referrer is non-blank AND non-local. If it is blank, you can't tell where the request came from, and many legitimate requests will be blank.

The syntax in the rule's pattern is incorrect. mod_rewrite uses regular expressions, not 'windows wildcards'. In this case "/*" means "match zero or more slashes here." See our forum charter for a link to more regular expressions information. 


RewriteRule /locked_down/*(.jpg¦.jpeg¦.gif¦.png¦.swf)$ - [F]

I suspect that you want "/.+" instead.

Jim

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 2:17 am May 2, 2026