huh i forgot.. i'm new to webmasterworld so hello everyone :)

can someone help me with this code? i've also tried with http referer but it doesn't work, although i browsed many topics here :(

:/

Hi castorfou,

Welcome to WebmasterWorld

I have not answered, because this is not my forte...

Are you sure you have included LIMIT?

<Limit GET POST>
Order Deny,Allow
Deny from all
Allow from www.myfirstwebsite.com
</Limit>

I believe this can be set to * (all) or individual request types, but again, this is not what I normally work with, so you will probably want to follow up on my suggestion.

Justin

i got an error 403...

maybe should i use an http referer with htaccess? i tried it but it doesn't work too.. what would you propose?

The directive

Allow from example.com

will allow only the machine example.com to access your files. This means only a user logged on to that machine can fetch your files. So, yes, it looks like you need to use the Referer info. However, this is not directly available to mod_access, so you need to use mod_setenvif.

If you want to test the referrer, you'll need something like

SetEnvIf Referer "$^" allowit
SetEnvIf Referer "example\.com" allowit
Order Deny,Allow
Deny from all
Allow from allowit

You can also use mod_rewrite -- There are already tons of threads here with mod_rewrite anti-hotlinking code.

Note that blank referrers are specifically allowed by the code above. There are many users whose referrers will be blocked without their knowledge, and you'll need to allow them access unless you have a 24/7 help desk and intendt to allow them one IP address at a time... :o

Watch out! -- The value you need to test is the referrer header. And the corresponding variable name is consistently misspelled in Apache as "referer".

Jim