Forum Moderators: phranque
I'm quite new to using .htaccess files and am trying to set mine up to forbid hotlinking. The code I'm using is:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example.com/.*$ [NC]
RewriteRule \.(gif¦jpg¦jpeg¦png)$ http://www.example.com/errors/angryman.png [R,L]
However I have a variety of subdomains set up, and if I try to access images through them, it thinks it's another site and replaces them with my angryman image.
If someone could tell me how to modify my code (and explain if you can - I want to learn:)) so that it just allows any domain ending in caeus.com (ie. products.caeus.com, hosted.caeus.com etc.) then I'd be very grateful.
(Also... can I set more than one domain that it allows? Eg. let it allow ebay.co.uk as well - so that I can host photos and use them on there?)
Thanks.
[edited by: jdMorgan at 7:09 pm (utc) on Nov. 11, 2005]
[edit reason] Examplified. [/edit]
The following should match any subdomain that you setup on your site:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://([^.]+\.)?example.com/.*$ [NC]
RewriteRule \.(gif¦jpg¦jpeg¦png)$ http://www.example.com/errors/angryman.png [R,L]
Also, just as a heads up, it's against the terms of service to post any personal URLs, hence the examplification
Chad
cheers for the reply, for some reason i cant get it to work at all now, with either code snippet :s
I've just put "RewriteEngine on" once at the top of my file... or do I have to put it before each 'thing' I do in the file? can't figure out how i've broken it... it was working before :p
You only need the "RewriteEngine On" once at the top. When you say it's not working, are the images totally broken, or is it not displaying the angryman picture when linked from another site?
Chad
I've been having a play and it's now working a bit more... but still not quite :)
If I hotlink my images using the code below, rather than serving the angryman image I just get a broken link.
And also, if you go to subdomain.mydomain.com, it still thinks the images (and css files...) are being hotlinked....
# turn on engine
RewriteEngine on
RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://([^.]+\.)?mydomain.com/.*$ [NC]
RewriteRule \.(js¦css)$ - [F]
RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://([^.]+\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif¦jpg¦png)$ [mydomain.com...] [R,L]
as always, any help appreciated :) thanks.
Of course, because angryman.png is a png file, and those aren't allowed to be fetched from your site.
You'll need to add an exception to allow it to be feched:
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^http://([^.]+\.)?mydomain\.com [NC]
RewriteCond %{REQUEST_URI} !^/angryman\.png$
RewriteRule \.(gif¦jpg¦png)$ /angryman.png [L]
Flush your browser cache after making any change to your access-control code, and when testing from different sites. This will clear up a lot of testing problems due to your browser rendering a previously-cached image instead of sending the request to the server. If no request is sent to the server, then your code can have no effect.
Jim
