RewriteEngine on

RewriteCond %{HTTP_REFERER}!^$

RewriteCond %{HTTP_REFERER}!^http://your_domain_name/.*$ [NC] [OR]

RewriteCond %{HTTP_REFERER}!^http://www.your_domain_name/.*$ [NC] [OR]

RewriteRule .*\.(gif¦GIF¦jpg¦JPG¦bmp¦BMP¦wav¦mp3¦wmv¦avi¦mpeg)$ - [F]

in your .htaccess file :)

For a simple, reasonably-effective (but not 100%) solution, try this search [google.com]. It works well enough to make the hotlinker's site look broken to his visitors.

Better effectiveness can be had using a scripted approach, where you set and check cookies before serving images or protected content. But this requires an investment of significant time and complicates your site. You can also simply change the filenames periodically to 'break' the hotlinks.

The only 100% solution to theft of copyrighted images involves attorneys, but even that may not work if the thief is in a country with loose copyright laws or enforcement.

Jim

just one thing

you must change the broken vertical pipes to solid ( this board changes them )

There are several problems with that code, so to save future readers some trouble, here's a correction/enhancement.

In .htaccess:

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com
RewriteRule \.(gif夸pe?g在mp如ng¦wav妃p3安mv地vi妃pe?g)$ - [NC,F]

Replace all broken pipe "¦" characters above with solid pipes before use; Posting on this board modifies them.

Jim

Does it matter that we are running shared images on this particular server? Where would I need to place the .htaccess file? I fixed the broken pipes and modified the file to suit my clients needs'...just didn't know if I was doing something wrong as the images still show up on the other dudes' website.

I used that code you have Curly but my clients' website is the one that gets blocked, not the other dudes' images. I'm probably just doing something wrong. I'll keep researching it but if you guys have any other ideas do share!

This is the code I used:

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^http://(www\.)?MYDOMAIN\.com
RewriteRule \.(gif¦jpeg¦bmp¦png¦wav¦mp3¦wmv¦avi¦mpeg)$ - [NC,F]

But then I get an Internal Server error on my clients site AND the stealers sites' images all still work too.

Any ideas? Maybe its something to do with "mod_rewrite" or something that would cause me NOT to be able to do this?

[edited by: jdMorgan at 5:05 pm (utc) on Jan. 20, 2006]
[edit reason] Included code, removed URL per TOS. [/edit]

Check your server error log and look for the error message related to the 500-Server Error. The error log will often tell you exactly what's wrong.

The code is good, so it's likely a configuration problem, such as mod_rewrite not loaded or not allowed with your current config.

You can try commenting out the "Options" line. It may not be needed and it may not be allowed. If both are true, then the code might work without it.

Jim

I'm sorry to be a bother, but could you kindly direct me to where the error logs would be? I looked in /logs as admin but couldn't see anything.

I always thought the better solution was to replace the images they are linking to with something nasty, like porn shots or a banner that says "thief" or something like that, no?

EVO

Well I can't exactly do that as I noted before that all the images on this particular server are being shared by other websites, haha, so that wouldn't really work.

But if I could I would!

Ok it says in the error logs:

RewriteCond not allowed here

Any way around this?

Ok I checked out Apache and "mod_rewrite" is a loaded module. But I am still getting the error page and the error logs say this:

RewriteEngine not allowed here

Any ideas?

I figured it out! :D:D:D:D

Since I am sharing images on the entire server, I needed to place the .htaccess file inside of the directory where the image folders were located. So that worked like a charm!

Well that didn't exactly work. Its blocking images on my clients site too.

I'll keep playing...

Is there a way to "allow" images to be seen with a certain IP Class?

If you simply want to 'allow' several other client sites to use these images, add them as negative RewriteConds, Assuming you're still using the last code you posted, and them like this:

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^http://(www\.)?MYDOMAIN\.com
RewriteCond %{HTTP_REFERER} !^http://(www\.)?CLIENT1_DOMAIN\.com
RewriteCond %{HTTP_REFERER} !^http://(www\.)?CLIENT2_DOMAIN\.com
RewriteRule \.(gif夸peg在mp如ng安av妃p3安mv地vi妃peg)$ - [NC,F]

Jim

There probably is...you may find an answer In the Apache URL Rewriting Guide (search Google for that).

But if you know all the domains of all the websites that access these images, then you could add more Rewrite Conditions to allow other domain names access.

RewriteCond %{HTTP_REFERER}  !^http://(www\.)?example\.com      ## existing line ## 
RewriteCond %{HTTP_REFERER}  !^http://subdomain\.example\.com  
RewriteCond %{HTTP_REFERER}  !^http://(www\.)?otherdomain\.com  
RewriteCond %{HTTP_REFERER}  !^http://(www\.)?andanother\.org  
RewriteCond %{HTTP_REFERER}  !^http://(www\.)?andanother\.net  

Adding the above conditions would probably work too. Plus the above won't get hosed if the IP addresses of the sites ever change some day (?).

Good luck!

Can I just edit the httpd.conf file because none of this other stuff is working. I have been working on this since around 11 am CST. Its getting a little frustrating to say the least.

I posted this message on another site looking for help but to no avail:

So I have been researching this ALL DAY and found all kinds of things about modifying the .htaccess file to block this dude from stealing images.

Here is what makes this a unique situation. We are running Apache with hundreds of similar websites that are sharing the same images. So instead of having each and every website have its very own copy of each image, we decided to save space, and have one folder (and rewrote part of the httpd.conf file to make it work) but now there is a site (not hosted by us) that is hardlinking images from one of my clients on his site

How do I block this guy? I have pretty well tried everything I have found online. I even found a nice tool <snip>

If I take my clients site XYZ.com and add a .htaccess file there and paste the results gathered by the above link then I get an Internal Server Error. So I decided to go into the Shared Folder regiion and added the .htaccess file there. But the problem is that not only is the STEALERS images not work, but none of our clients on that server work either

So, hopefully, you can see the uniqueness of this situation. I even tried a DENY FROM with the stealers' IP Address but to no avail. I'm sure all of the code that htmlbasix.com provided would work under normal circumstances, but not working for me with this.

Maybe editing the http.conf file would be a solution perhaps? Thank you guys for your time once again and hopefully I can stop this idiot!

[edited by: jdMorgan at 10:57 pm (utc) on Jan. 20, 2006]
[edit reason] Repaired formatting. Removed URL per TOS. [/edit]