Welcome to WebmasterWorld Guest from 23.22.220.37

Forum Moderators: bakedjake

Message Too Old, No Replies

help with understanding an odd htaccess file

     
6:14 am on Jun 14, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:July 20, 2004
posts: 703
votes: 0


Hi, I stumbled across this odd htaccess file in my root directory (not sure how it got there) and was hoping someone could possible explain what it does? Thanks. I replaced the actual domain name (which site was not connected to me) to example.com)

RewriteEngine on
RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://(www.)?example.com.*$ [NC]
RewriteRule .(gif¦jpg)$ - [F]

7:11 pm on June 14, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 31, 2003
posts:1316
votes: 0


It prevents other sites from linking to images on your server, to save bandwidth.

If the referrer is not blank and it's not your site (example.com), then it will deny access to the image.

12:05 am on June 19, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:Jan 1, 2006
posts:43
votes: 0


if the .htaccess file prevents links to your pics, is that stictly the jpg and gif or does it include jpeg and giff and png images as well?
12:34 am on June 19, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 31, 2003
posts:1316
votes: 0


It only blocks the exact extensions listed, but you can add others: (gif¦jpg¦jpeg¦png¦bmp)
1:18 am on June 19, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


There are a couple of mistakes and inefficiencies in that code, so let's stop it from spreading further. Try this:

RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com [NC]
RewriteRule \.(gif¦jpe?g¦png¦bmp)$ - [F]

This is just a clean-up; Function is unchanged except for adding the jpeg, png, and bmp filetypes.

Replace the broken pipe "¦" characters above with solid pipe characters before use; Posting on this forum modifies the pipe characters.

Jim

1:43 am on June 19, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:Jan 1, 2006
posts:43
votes: 0


where is a good place to learn the "syntax" of the .ht files?
3:00 am on June 19, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member eelixduppy is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 12, 2005
posts:5966
votes: 0


>> where is a good place to learn the "syntax" of the .ht[access] files?

[httpd.apache.org...] :)

1:51 pm on June 19, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:July 20, 2004
posts:703
votes: 0


There are a couple of mistakes and inefficiencies in that code, so let's stop it from spreading further. Try this:

RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER}!^http://(www\.)?example\.com [NC]
RewriteRule \.(gif¦jpe?g¦png¦bmp)$ - [F]

This is just a clean-up; Function is unchanged except for adding the jpeg, png, and bmp filetypes.
Replace the broken pipe "¦" characters above with solid pipe characters before use; Posting on this forum modifies the pipe characters.

It turns out example.com was the 3rd party unrelated website which was heavily linking to my images. Is there a way to stop more than one site doing it? Thanks to Jim and others for the feedback.

2:05 pm on June 19, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 31, 2003
posts:1316
votes: 0


Example.com should be your site, and it blocks all others.
2:28 pm on June 19, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:July 20, 2004
posts:703
votes: 0


Oh, did not know that! Is it any wonder it did not work? Surprised no one else in the thread mentioned that.

The htaccess file at issue (and example.com) was the domain of the 3rd party owned site which was doing non-authorized heavy hot linking of my images.

2:20 am on June 21, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:July 20, 2004
posts:703
votes: 0


There are a couple of mistakes and inefficiencies in that code, so let's stop it from spreading further. Try this:

RewriteEngine on
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER}!^http://(www\.)?example\.com [NC]
RewriteRule \.(gif¦jpe?g¦png¦bmp)$ - [F]

This is just a clean-up; Function is unchanged except for adding the jpeg, png, and bmp filetypes.
Replace the broken pipe "¦" characters above with solid pipe characters before use; Posting on this forum modifies the pipe characters.

Hi jdMorgan, Was wondering what the purpose of the (www\. is in this code since I 301 all my error code traffic to the non-www? Does that matter? Also, just to be certain about this code, should example.com in fact be my domain and not the domain I wish to block (as mcavic had stated)? Thanks to all.

2:48 am on June 21, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


I hope you like long answers... :)

Some ISPs --like Hughes Network (satellite)-- use proxy clients between the real client and your server. These proxy clients, located at the ISPs network operations center, are intended to compensate for the long-latency satellite signal travel time (22,300 miles X 4 / 186,000 mps = ~480 millisecond signal delay).

However, these proxy clients are not real smart, and don't follow HTTP redirects as a real client would. They request a page on behalf of the real client, then request all included objects (e.g. images, css, external JS files) referenced on that page, package up the whole mess, and send it up to the satellite and back down to the client. The client-side satellite software (in the satellite modem or installed on the client machine) then decompresses and un-bundles the package into the original page and all its components. Overall, this makes the link appear run faster.

However, if the vistor typed in your domain incorrectly, or clicked on an incorrect link (with www missing or present, whichever is 'wrong') then the satellite proxy client may have made all of those object requests with the incorrect www/no-www domain. His browser will have to retry all requests that got a 403-Forbidden response, and this will slow your page apparent page load time by at least an addition one-half second (and usually by a lot more).

Long story short, according to my log files showing satellite accesses, it's best to allow the non-canonical domain to access images, CSS, JS files, etc.. :)

Jim

2:49 pm on June 21, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:July 20, 2004
posts:703
votes: 0


Thanks Jim. Just to be sure about this is the non-canonical domain the one with no www and the canonical one includes the www? I am always confused on the term canonical.

Also, example.com is my domain and not the site I wish to block, right?

2:50 pm on June 21, 2007 (gmt 0)

Senior Member from MY 

WebmasterWorld Senior Member vincevincevince is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Apr 1, 2003
posts:4847
votes: 0


trader, you are right in all apart from the word conical - the correct word is canonical. The one with www. is canonical.
3:22 pm on June 21, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


In the context of this thread, "canonical domain" may mean the "www" version, but actually, it is whatever you as a Webmaster want it to be: Your canonical domain is whichever you choose for your "preferred" domain, whether it's "example.com" or "www.example.com", or "any-other-subdomain-I-like.example.com".

"Canonical [google.com]" isn't some fancy tech term. It simply means "usual, customary, standard, basic, according to the rules, generally-accepted" and it is the site owner who gets to define the canonical domain for a site -- usually by 301-redirecting all non-canonical variants to the canonical domain.

Jim

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members