Difference between revisions of "Htaccess: Preventing hot linking"

From The Uniform Server Wiki
Jump to navigation Jump to search
(Punctuation and grammatical changes; some clarification.)
(Moved to new category; Additional grammar and cleanup edits.)
 
Line 2: Line 2:
 
<div style="padding:0;margin:0; border-bottom:3px inset #000000">
 
<div style="padding:0;margin:0; border-bottom:3px inset #000000">
 
{|  
 
{|  
|[[Image:uc_small_logo.gif | MPG UniCenter]] ||
+
 
 
.htaccess:  
 
.htaccess:  
 
[[Htaccess: Introduction | Introduction]] |   
 
[[Htaccess: Introduction | Introduction]] |   
Line 20: Line 20:
 
'''Hot linking'''
 
'''Hot linking'''
  
What is hot linking? It's when someone links to some content on your server and uses your server to deliver the goods. It could be images or any non-html objects. They are effectively stealing your bandwidth at your expense.
+
What is hot linking? It's when someone else links to some content on your server and uses your server to deliver the goods. It could be images or any non-html objects. They are effectively stealing your bandwidth at your expense.
  
Uniform Server has mod-rewrite enabled, allowing you to rewrite the requested URL on-the-fly based on configuration directives and rules. It's as complex as it sounds. I found this code on the Internet which prevents hot linking to images on your site.
+
The Uniform Server has mod-rewrite enabled, allowing you to rewrite the requested URL on-the-fly based on configuration directives and rules. It's as complex as it sounds. I found this code on the Internet which prevents hot linking to images on your site.
  
Just pop this code into your root .htaccess file for global effect, or a sub-folder to localise the effect to just one section of your site:
+
Just pop this code into your root .htaccess file for global effect, or a sub-directory to localise the effect to just one section of your site:
  
 
== Serve a broken image ==
 
== Serve a broken image ==
Line 74: Line 74:
 
----
 
----
  
[[Category: Support]]
+
[[Category: Apache Configuration]]
[[Category: Troubleshooting ]]
 
[[Category: Application]]
 
[[Category: Development]]
 

Latest revision as of 11:50, 21 June 2013

.htaccess: Introduction | Site error documents | Prevent Directory Listing | Redirect | Preventing hot linking |

.htaccess - Apache directory-level configuration file

Hot linking

What is hot linking? It's when someone else links to some content on your server and uses your server to deliver the goods. It could be images or any non-html objects. They are effectively stealing your bandwidth at your expense.

The Uniform Server has mod-rewrite enabled, allowing you to rewrite the requested URL on-the-fly based on configuration directives and rules. It's as complex as it sounds. I found this code on the Internet which prevents hot linking to images on your site.

Just pop this code into your root .htaccess file for global effect, or a sub-directory to localise the effect to just one section of your site:

Serve a broken image

This code produces a broken image to be displayed when it's hot linked. Make sure to replace "mydomain.com" with your own.

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]

Or

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?(subdomain_mydomain\.)?mydomain.com/ [NC]
RewriteRule \.(jpe?g|gif|png|bmp)$ - [F] 

Link: I think the original source came from here: webmasterworld.com

Serve an alternative image

Remember, it's your server and you can do what you like, so why not serve an alternative image in your favor. Again, remember to replace "mydomain.com" with your own:

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ http://www.mydomain.com/nasty.gif [R,L]

General note

I have seen several cases where mod rewrite is used in .htaccess files and the line

Options +FollowSymLinks

is missing, which effectively informs Apache to ignore mod_rewrite.

This error shows up in the log files as:

[client 127.0.0.1] Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: W:/www/textpattern/