?
Solved

IIS 7 URL Rewriting Rule for images not referred by the website itself

Posted on 2011-10-14
3
Medium Priority
?
922 Views
Last Modified: 2012-05-12
New to URL rewriting with IIS 7. I need to redirect to another page for images not referred by the website itself. For example is someone enters "www.somesite.com/images/image001.jpg" into their browser it'll redirect the user to "www.somesite.com/prevent.aspx?image001.jpg".

I found a few good tips for preventing hotlinking here: http://blogs.iis.net/ruslany/archive/2009/04/08/10-url-rewriting-tips-and-tricks.aspx, which works great, but nothing like what I want from the above example.

Rewrite rule for preventing hotlinking:

    <rule name="Prevent image hotlinking">
      <match url=".*\.(gif|jpg|png)$"/>
      <conditions>
        <add input="{HTTP_REFERER}" pattern="^$" negate="true" />
        <add input="{HTTP_REFERER}" pattern="^http://ruslany\.net/.*$" negate="true" />
      </conditions>
      <action type="Rewrite" url="/images/say_no_to_hotlinking.jpg" />
    </rule>

Open in new window


Rewrite Rule for Redirection:

    <rule name="Query String Rewrite">
      <match url="page\.asp$" />
      <conditions>
        <add input="{QUERY_STRING}" pattern="p1=(\d+)" />
        <add input="##{C:1}##_{QUERY_STRING}" pattern="##([^#]+)##_.*p2=(\d+)" />
      </conditions>
      <action type="rewrite" url="newpage.aspx?param1={C:1}&amp;amp;param2={C:2}" appendQueryString="false"/>
    </rule>

Open in new window


Anyway to somehow combine the rules to do what I want?

Thanks in advance
0
Comment
Question by:Kinjite
  • 2
3 Comments
 
LVL 30

Accepted Solution

by:
Brad Howe earned 2000 total points
ID: 36971952
Hi,
I don't know why you need to combine them both. They both do 2 different functions. Anyways, the hotlink rule is fine. You just need to change the referer and add the R:0 variable.

            <rule name="Prevent Hotlinking" stopProcessing="true">
                    <match url=".*\.(gif|jpg|png)$" />
                    <conditions>
                        <add input="{HTTP_REFERER}" pattern="^$" negate="true" />
                        <add input="{HTTP_REFERER}" pattern="http://your\.domain\.com$" negate="true" />
                    </conditions>
                    <action type="Rewrite" url="/prevent.aspx?{R:0}" appendQueryString="false" />
                </rule>

Cheers,
Hades666
0
 

Author Comment

by:Kinjite
ID: 36975615
I tried this.

It works if you refresh the image after its been loaded into the browser. It also works if you paste the image directly into the browser without going to the site.

Sites like stumbleupon and twitter's t.co redirect links still show the image and this is what I'm trying to prevent. They request millions of photo impressions per month.

Any way to redirect to the prevent page whether or not the referrer is empty or not AND only allow the image to be show by itself in the browser if its from the domain itself?
0
 

Author Closing Comment

by:Kinjite
ID: 36975650
It works. I forgot to add negate="true" to the conditions
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
Use this article to create a batch file to backup a Microsoft SQL Server database to a Windows folder.  The folder can be on the local hard drive or on a network share.  This batch file will query the SQL server to get the current date & time and wi…
Loops Section Overview
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question