Tx74Qp853mR
asked on
Apache .htaccess Hot Link Blocking Code
Experts,
I moved some domains from one registrar to another, and after the move, my .htaccess rewrite code is not working as it was before the registrar move.
The domains are being hosted on the same server before and after the registrar move. Nothing has changed except the registrar move. No files were moved or modified, etc.
The rewrite code prevents hot-linking to certain file types on the site ... here's the code:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
RewriteRule .*\.(gif|jpg|swf|dcr|txt|p
Here's the problem:
When accessing the site using IE6 with URL: http://www.domain.com
the site is rendered without formatting -- i.e. the CSS is not loaded properly.
But when accessing the site using IE6 with URL: http://domain.com
the site is rendered correctly -- i.e. the CSS loads properly.
Strangely, FF3 renders the site correctly with both URL variants.
Removing the .htaccess hot-link blocking code, makes the IE6 problem go away.
I viewed the site with IE6 from different computers and different ISPs, just in case the problem was related to a single computer or ISP ... but the problem occurs in all tests.
To see if the problem was limited to just one domain, I tested all the transferred domains. The problem occurs on all transferred domains that contain the hot-link blocking code in .htaccess -- removing .htaccess makes the problem disappear.
Any ideas what may be causing this?
Thanks.
I moved some domains from one registrar to another, and after the move, my .htaccess rewrite code is not working as it was before the registrar move.
The domains are being hosted on the same server before and after the registrar move. Nothing has changed except the registrar move. No files were moved or modified, etc.
The rewrite code prevents hot-linking to certain file types on the site ... here's the code:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
RewriteRule .*\.(gif|jpg|swf|dcr|txt|p
Here's the problem:
When accessing the site using IE6 with URL: http://www.domain.com
the site is rendered without formatting -- i.e. the CSS is not loaded properly.
But when accessing the site using IE6 with URL: http://domain.com
the site is rendered correctly -- i.e. the CSS loads properly.
Strangely, FF3 renders the site correctly with both URL variants.
Removing the .htaccess hot-link blocking code, makes the IE6 problem go away.
I viewed the site with IE6 from different computers and different ISPs, just in case the problem was related to a single computer or ISP ... but the problem occurs in all tests.
To see if the problem was limited to just one domain, I tested all the transferred domains. The problem occurs on all transferred domains that contain the hot-link blocking code in .htaccess -- removing .htaccess makes the problem disappear.
Any ideas what may be causing this?
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@necati
It works !
But apparently it's a mystery as to why certain versions of IE6 are affected by this Apache rewrite, yet FF is entirely unaffected.
Also, there's some connection to the registrar change -- i.e. my code worked fine prior to the registrar change -- but that too is a mystery.
Many thanks !
It works !
But apparently it's a mystery as to why certain versions of IE6 are affected by this Apache rewrite, yet FF is entirely unaffected.
Also, there's some connection to the registrar change -- i.e. my code worked fine prior to the registrar change -- but that too is a mystery.
Many thanks !
If you check the link I provided you can see the some version of IE6 have problems putting "/" at the end of URL. That's why your reguler expression doesn't work. Anyhow if it works then we are both happy :)
ASKER
@necati
I did check the link ... the mystery I was referring to is this:
Given my original rewrite rule:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
The article refers to the com/ portion of that rule, and explains that Apache sends a redirect from .com to .com/
Most browsers answer the redirect with the trailing / but some versions of IE6 fail to answer the redirect with the trailing / causing Apache to deny the resource due to the above rule.
However my testing showed problems with http://www.domain.com but not with http://domain.com ... suggesting that the problems I reported were related to the (www\.) portion of the rule.
That was not explained in the article.
So, given that the problem goes away with this rule:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com(/.*)*$ [NC]
Compared to the original rule:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
What is causing the IE6 problems I reported with the original rule?
i.e.
http://www.domain.com --- fails
http://domain.com --- succeeds
In trying to answer that question, I conducted additional testing, and here's what I found.
If you type the following in the IE6 address bar and press the GO button:
1) http://www.domain.com --- fails
2) http://domain.com --- fails
However, if you type http://www.domain.com and press the GO button, you will get a failure, but if you now edit the address bar to http://domain.com and press the GO button, you will get success.
In every case, when you type a URL in the IE6 address bar, such as http://www.domain.com, and press the GO button, the URL in the address bar gets a trailing / appended when the resource is rendered, whether the resource is rendered correctly or not. However, the trailing / may not be sent back to the server in some cases, even though it's displayed in the address bar.
This is the sequence produced by IE6 -- which causes the behavior reported in my opening post:
1) Type in address bar --- http://www.domain.com
2) Press GO button
3) IE6 address bar shows http://www.domain.com/ --- note the trailing /
4) IE6 renders the page without formatting --- i.e. CSS is not loaded, due to the rewrite rule
5) Edit address bar to --- http://domain.com/
6) Press GO button
7) IE6 renders the page with formatting --- i.e. CSS is loaded properly
So, what I think is happening is that certain versions of IE6 contain buggy code that fails to send the trailing / when redirected to do so by Apache, even though the trailing / may appear in the address bar, but this only happens under certain circumstances, as explained above.
I did check the link ... the mystery I was referring to is this:
Given my original rewrite rule:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
The article refers to the com/ portion of that rule, and explains that Apache sends a redirect from .com to .com/
Most browsers answer the redirect with the trailing / but some versions of IE6 fail to answer the redirect with the trailing / causing Apache to deny the resource due to the above rule.
However my testing showed problems with http://www.domain.com but not with http://domain.com ... suggesting that the problems I reported were related to the (www\.) portion of the rule.
That was not explained in the article.
So, given that the problem goes away with this rule:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com(/.*)*$ [NC]
Compared to the original rule:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
What is causing the IE6 problems I reported with the original rule?
i.e.
http://www.domain.com --- fails
http://domain.com --- succeeds
In trying to answer that question, I conducted additional testing, and here's what I found.
If you type the following in the IE6 address bar and press the GO button:
1) http://www.domain.com --- fails
2) http://domain.com --- fails
However, if you type http://www.domain.com and press the GO button, you will get a failure, but if you now edit the address bar to http://domain.com and press the GO button, you will get success.
In every case, when you type a URL in the IE6 address bar, such as http://www.domain.com, and press the GO button, the URL in the address bar gets a trailing / appended when the resource is rendered, whether the resource is rendered correctly or not. However, the trailing / may not be sent back to the server in some cases, even though it's displayed in the address bar.
This is the sequence produced by IE6 -- which causes the behavior reported in my opening post:
1) Type in address bar --- http://www.domain.com
2) Press GO button
3) IE6 address bar shows http://www.domain.com/ --- note the trailing /
4) IE6 renders the page without formatting --- i.e. CSS is not loaded, due to the rewrite rule
5) Edit address bar to --- http://domain.com/
6) Press GO button
7) IE6 renders the page with formatting --- i.e. CSS is loaded properly
So, what I think is happening is that certain versions of IE6 contain buggy code that fails to send the trailing / when redirected to do so by Apache, even though the trailing / may appear in the address bar, but this only happens under certain circumstances, as explained above.
but what do your apache logs tell you....
w.r.t. to these different setups.