Solved

Is  there a way to add an exception to a prevent hotlinking RewriteCond?

Posted on 2010-08-24
4
393 Views
Last Modified: 2016-03-18
I would like to be able to use the images on the server for my constant contact email marketing account so that anything coming from http://campaign.constantcontact.com/ would be allowed.  Below is the code I'm using in my .htaccess file from the root of my site.

Thanks for the help
Jules
#Preventing hot linking of images and other file types

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://(www\.)?dc-acupuncture.com/.*$ [NC]

RewriteRule \.(gif|png|jpg|js|css)$ - [F]

Open in new window

0
Comment
Question by:Jules Webb
  • 2
  • 2
4 Comments
 
LVL 26

Expert Comment

by:arober11
ID: 33525302
0
 
LVL 2

Author Comment

by:Jules Webb
ID: 33525545
Hi arober11, thanks for your reply:-)

Do you mean add another RewriteCond under the dc-acupuncture?  Obviously I don't want to block my own site.  

Also I'm wondering what the *$ [NC] means and it's not included on the constant contact url.  Since the constant contact url ends up with a whole string of trailing characters. Here is an example from the most recent newsletter:
http://campaign.constantcontact.com/render?v=001IP2wby2XJMKBMVUHbqzukjHKoH2ZeCqa3rgXkiD15O__MsOf2vqTaxmIPQvrsHcFFkA0Elx-_mdWUOqmKdRJ8ewdVbf9Y6bCbExnSkhiW6O-MYb8KVr2gpHHew6O1nH7

And image links for some reason end up like this: http://ih.constantcontact.com/fs005/1103523274156/img/7.jpg even though within constant contact the link is to the website image folder.

I appreciate you taking the time to educate me a bit:-)
Jules
#Preventing hot linking of images and other file types

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://(www\.)?dc-acupuncture.com/.*$ [NC]

RewriteCond %{HTTP_REFERER} !^http://campaign\.constantcontact\.com/

RewriteRule \.(gif|png|jpg|js|css)$ - [F]

Open in new window

0
 
LVL 26

Accepted Solution

by:
arober11 earned 500 total points
ID: 33526795
If "dc-acupuncture.com" also requires access, then line could read:

RewriteCond %{HTTP_REFERER}   !(dc-acupuncture|campaign\.constantcontact)\.com/   [NC]

As to what ".*$ [NC]"  signifies, the:
.*$    asks it to allow anything else up to the end of the line, and is superfluous, as it will do that anyway.
[NC]  indicates it should ignore case (NO CASE Sensitivity].

see: http://httpd.apache.org/docs/current/mod/mod_rewrite.html
0
 
LVL 2

Author Closing Comment

by:Jules Webb
ID: 33527039
Thank You Thank You! That worked perfectly.  And thanks for the mod_rewrite link!
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
The purpose of this video is to demonstrate how to update a WordPress Site’s version. WordPress releases new versions of its software frequently and it is important to update frequently in order to keep your site secure, and to get new WordPress…
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now