IIS 7 URL Rewriting Rule for images not referred by the website itself

New to URL rewriting with IIS 7. I need to redirect to another page for images not referred by the website itself. For example is someone enters "www.somesite.com/images/image001.jpg" into their browser it'll redirect the user to "www.somesite.com/prevent.aspx?image001.jpg".

I found a few good tips for preventing hotlinking here: http://blogs.iis.net/ruslany/archive/2009/04/08/10-url-rewriting-tips-and-tricks.aspx, which works great, but nothing like what I want from the above example.

Rewrite rule for preventing hotlinking:

    <rule name="Prevent image hotlinking">
      <match url=".*\.(gif|jpg|png)$"/>
      <conditions>
        <add input="{HTTP_REFERER}" pattern="^$" negate="true" />
        <add input="{HTTP_REFERER}" pattern="^http://ruslany\.net/.*$" negate="true" />
      </conditions>
      <action type="Rewrite" url="/images/say_no_to_hotlinking.jpg" />
    </rule>

Open in new window


Rewrite Rule for Redirection:

    <rule name="Query String Rewrite">
      <match url="page\.asp$" />
      <conditions>
        <add input="{QUERY_STRING}" pattern="p1=(\d+)" />
        <add input="##{C:1}##_{QUERY_STRING}" pattern="##([^#]+)##_.*p2=(\d+)" />
      </conditions>
      <action type="rewrite" url="newpage.aspx?param1={C:1}&amp;amp;param2={C:2}" appendQueryString="false"/>
    </rule>

Open in new window


Anyway to somehow combine the rules to do what I want?

Thanks in advance
KinjiteAsked:
Who is Participating?
 
Brad HoweDevOps ManagerCommented:
Hi,
I don't know why you need to combine them both. They both do 2 different functions. Anyways, the hotlink rule is fine. You just need to change the referer and add the R:0 variable.

            <rule name="Prevent Hotlinking" stopProcessing="true">
                    <match url=".*\.(gif|jpg|png)$" />
                    <conditions>
                        <add input="{HTTP_REFERER}" pattern="^$" negate="true" />
                        <add input="{HTTP_REFERER}" pattern="http://your\.domain\.com$" negate="true" />
                    </conditions>
                    <action type="Rewrite" url="/prevent.aspx?{R:0}" appendQueryString="false" />
                </rule>

Cheers,
Hades666
0
 
KinjiteAuthor Commented:
I tried this.

It works if you refresh the image after its been loaded into the browser. It also works if you paste the image directly into the browser without going to the site.

Sites like stumbleupon and twitter's t.co redirect links still show the image and this is what I'm trying to prevent. They request millions of photo impressions per month.

Any way to redirect to the prevent page whether or not the referrer is empty or not AND only allow the image to be show by itself in the browser if its from the domain itself?
0
 
KinjiteAuthor Commented:
It works. I forgot to add negate="true" to the conditions
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.