kgp43
asked on
Hotlink protect all files in a directory
Hi,
I'm using the following code to hotlink protect all files in a directory, but it isnt working (no error but can download files from everywhere (include direct from browser).
Only allowed to be downloaded from "http://www.savefile.com/" (directories and files) - hosting some subdomains witch isnt allowed to hotlink neither.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?savefile.com/.*$ [NC]
RewriteRule \.(*)$ - [F]
- What is wrong with my code?
I'm using the following code to hotlink protect all files in a directory, but it isnt working (no error but can download files from everywhere (include direct from browser).
Only allowed to be downloaded from "http://www.savefile.com/" (directories and files) - hosting some subdomains witch isnt allowed to hotlink neither.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?savefile.com/.*$ [NC]
RewriteRule \.(*)$ - [F]
- What is wrong with my code?
ASKER
still open for suggestions :)
This one is based on the cPanel's model, works fine for me. Make sure you have rewrite engine enabled!
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://.*.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe)$ http://fcelebs.com/images/accessdenied.jpg [R,NC]
usr@name [/home/account/www/]# cat /etc/httpd/conf/httpd.conf | grep rewrite
LoadModule rewrite_module libexec/mod_rewrite.so
AddModule mod_rewrite.c
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://.*.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe)$ http://fcelebs.com/images/accessdenied.jpg [R,NC]
usr@name [/home/account/www/]# cat /etc/httpd/conf/httpd.conf
LoadModule rewrite_module libexec/mod_rewrite.so
AddModule mod_rewrite.c
To answer your question, btw, you have a syntax error.
[Sat Apr 9 16:16:35 2005] [alert] [client 68.13.1.1] /home/fff/public_html/tmp/ .htaccess: RewriteRule: cannot compile regular expression '\\.(*)$'\n
[Sat Apr 9 16:16:35 2005] [alert] [client 68.13.1.1] /home/fff/public_html/tmp/
ASKER
I'm already using something similar to your suggestions, but how do I prevent all filestypes instead of just those 3 (I have about 30 ext., that I want to hotlink protect)
Also, dosent this allow subdomains of savefile to hotlink (witch I dont want):
RewriteCond %{HTTP_REFERER} !^http://.*.savefile.com/.*$ [NC]
Also, dosent this allow subdomains of savefile to hotlink (witch I dont want):
RewriteCond %{HTTP_REFERER} !^http://.*.savefile.com/.*$ [NC]
For images:
RewriteRule .*\.(jpg|jpeg|jpe)$ http://fcelebs.com/images/accessdenied.jpg [R,NC]
Add others similiarly...
RewriteRule .*\.(jpg|jpeg|jpe|etc|bmp| txt)$ http://fcelebs.com/images/accessdenied.jpg [R,NC]
RewriteRule .*\.(jpg|jpeg|jpe)$ http://fcelebs.com/images/accessdenied.jpg [R,NC]
Add others similiarly...
RewriteRule .*\.(jpg|jpeg|jpe|etc|bmp|
ASKER
Can I use a wildcard or something? otherwise I will have to add all 30-40 extentions.
Yes. You can use regular expressions. I'm not good with that, but .* should be one character, followed by any number of characters being any characters present.
ASKER
im using this hotlink protection below, but it's not working 100%
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe|gif)$ http://www.savefile.com [R,NC]
With this tool/checker it's possible to hotlink using a popup: http://coldlink.com/htm/tool.htm
How do I prevent that?
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe|gif)$ http://www.savefile.com [R,NC]
With this tool/checker it's possible to hotlink using a popup: http://coldlink.com/htm/tool.htm
How do I prevent that?
ASKER
Test url worked, I got the savefile.com.
ASKER
try this tool (allow popups): http://coldlink.com/htm/tool.htm
- it dosnet work with popups and telling me to correct it.
- it dosnet work with popups and telling me to correct it.
Doesn't bring pictures for me, using Firefox.
ASKER
I get it (using IE)
ASKER
I tried to remove the image... thing, and using a wildcard but it dosent work.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.savefile.com/.*$ [NC]
RewriteRule .*\.(.*)$ http://www.savefile.com [R,NC]
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.savefile.com/.*$ [NC]
RewriteRule .*\.(.*)$ http://www.savefile.com [R,NC]
Why are these .* in parens? I thought parenthetical expression was used option for option lists?
ASKER
I asked if it was possible to use "wildcard" instead of "gif|jpg|png", and was told to use (.*)
is this wrong?
is this wrong?
ASKER
Hi,
I have been using the last 3-4 hours to get this to work, but everything seems to fail.
I'm back using this version, but im able to link directly to the files from my browser.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe|gif|exe) $ http://www.savefile.com [R,NC]
- How do I prevent linking directly from the browser?
Ex. http://fs01.savefile.com/files/2005/04/11/[www.savefile.com]050411183311_lastpost.gi f
I have been using the last 3-4 hours to get this to work, but everything seems to fail.
I'm back using this version, but im able to link directly to the files from my browser.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe|gif|exe)
- How do I prevent linking directly from the browser?
Ex. http://fs01.savefile.com/files/2005/04/11/[www.savefile.com]050411183311_lastpost.gi
ASKER
it shouldnt be possible to see the image from the link above. How do I prevent that?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
perfect, used this one:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://fs01.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe|gif|exe) $ http://www.savefile.com [R,NC]
going to add the 20-30 extentions instead, was not able to get the wildcard to work.
thanks for the help :)
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://fs01.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe|gif|exe)
going to add the 20-30 extentions instead, was not able to get the wildcard to work.
thanks for the help :)
ASKER
I'm still able to link direct to the file by putting the link in the adress field of my browser. Is there a way to prevent this?
All users are comming from one of two pages and should not be able to get the files other ways.
All users are comming from one of two pages and should not be able to get the files other ways.
Reverse the logic, right?
RewriteCond %{HTTP_REFERER} ^$
Should now be is blank.
Replaces:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} ^$
Should now be is blank.
Replaces:
RewriteCond %{HTTP_REFERER} !^$
ASKER
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP_REFERER} ^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http://www.savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http://fs01.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe|gif|exe) $ http://www.savefile.com [R,NC]
Something like that?
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP_REFERER} ^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http://www.savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http://fs01.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe|gif|exe)
Something like that?
ASKER
I using the code below witch prevent the user from using the link direct in his browser, but they are now able to link directly from pages. Isnt there a way to make both works (so they cant access it at all, unless they are coming from a savefile.com page)?
http://coldlink.com/htm/tool.htm
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://fs01.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe|gif|exe) $ http://www.savefile.com [R,NC]
http://coldlink.com/htm/tool.htm
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP_REFERER} !^http://savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.savefile.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://fs01.savefile.com/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|jpe|gif|exe)
What about taking out this line?
RewriteCond .. ^$
...
That should accomplish the desired effect.
RewriteCond .. ^$
...
That should accomplish the desired effect.
I went back and looked at some I did...
Here's one for tacticz.com.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://tacticz.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://tacticz.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tacticz.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tacticz.com$ [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp) $ - [F,NC]
And (Allowing direct requests, and sending user to the root robots.org. A jpg would have been nice, but this gives them a nice missing file broken link, which annoys webmasters, and hopefully will get you off their lists. )
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://tacticz.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://tacticz.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tacticz.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tacticz.com$ [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp) $ http://robots.org [R,NC]
Here's one for tacticz.com.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://tacticz.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://tacticz.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tacticz.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tacticz.com$ [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)
And (Allowing direct requests, and sending user to the root robots.org. A jpg would have been nice, but this gives them a nice missing file broken link, which annoys webmasters, and hopefully will get you off their lists. )
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://tacticz.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://tacticz.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tacticz.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tacticz.com$ [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)
ASKER
the first one is working perfect :)
Yes of course. I don't know what I was thinking in the earlier post. Let that be a lesson to you (and by you, I mean me) 'bout posting when you wake up before you start the caffeine I.V.
ASKER
Order Deny,Allow
Deny from all
Allow from savefile.com