Lunarpages' assortment of hosting products and solutions ensure a perfect fit for anyone looking to get their vision or products to market. Our award winning customer support and 30-day money back guarantee show the pride we take in being the industry's premier MSP.
Solved
Apache .htaccess not working
Posted on 2012-12-26
Hello, I created a htaccess and passed it at the root of the html directory. I even set it so that apache is the owner of the file. However, I am still able to hotlink to my image or pdf file. What could be the problem? Please see my htaccess file below.
Thanks for your assistance.
#prevent viewing of .htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>
#prevent directory listing
IndexIgnore *
#custom error message
ErrorDocument 401 /custom-error/401.php
ErrorDocument 403 /custom-error/403.php
ErrorDocument 404 /custom-error/404.php
ErrorDocument 500 /custom-error/500.php
#prevent hotlinking to images (gif, png, jpg), documents (csv, pdf, xls, xlsx) and web files (javascript: js, css)
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|png|jpg|csv|pdf|xls
Thanks for your assistance.
#prevent viewing of .htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>
#prevent directory listing
IndexIgnore *
#custom error message
ErrorDocument 401 /custom-error/401.php
ErrorDocument 403 /custom-error/403.php
ErrorDocument 404 /custom-error/404.php
ErrorDocument 500 /custom-error/500.php
#prevent hotlinking to images (gif, png, jpg), documents (csv, pdf, xls, xlsx) and web files (javascript: js, css)
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|png|jpg|csv|pdf|xls
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3-
2
- +1
7 Comments
You may get a good answer on the Apache front, but in case you do not, or you want a little stronger way to discourage hotlinking, this article will show how to watermark hotlinked image files. If the watermark is not enough for you, you could change the script a very little bit and render a picture of something else that would discourage further hotlinking...
www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_10065.html
www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_10065.html
If you have root access, put the above block in the httpd.conf, as Apache will only have to parse and compile the rules once, at server start-up, rather than for every browser request received by Apache.
As to why it dosen't work, loose the first Http_referer condition, as that's allowing BLANK referer strings.
As to why it dosen't work, loose the first Http_referer condition, as that's allowing BLANK referer strings.
Try this tool
http://www.htaccesstools.com/hotlink-protection/
http://www.htaccesstools.com/hotlink-protection/
abolinhas -- i tried that and the code look the same to me.
arober11 - i don't think it is i the http_referer condition. it is recommending to have the blank refere string and i do want that as part of the condition
ray_paseur - that is a good idea if images and other files aren't changing as often as it is here.
I am still hoping to use htaccess so that I have control over security instead of having to rely on system admin because they are the only one who can configure the httpd.conf file.
Does anyone else see or know why my code might not be working??
arober11 - i don't think it is i the http_referer condition. it is recommending to have the blank refere string and i do want that as part of the condition
ray_paseur - that is a good idea if images and other files aren't changing as often as it is here.
I am still hoping to use htaccess so that I have control over security instead of having to rely on system admin because they are the only one who can configure the httpd.conf file.
Does anyone else see or know why my code might not be working??
If you want to see what's going on, have the admin temporarily paste the following into you httpd.conf and restart Apache:
RewriteLog /tmp/tmp_apace_rewrite.log
RewtiteLogLevel 9
arober11 - I have the admin perform the modification to the httpd.conf and when I viewed the log file, I get the following:
(2) init rewrite engine with requested uri /
(3) applying pattern '^(/htdocs/.*)' to uri '/'
(3) applying pattern '.*' to uri '/'
(4) RewriteCond: input='GET' pattern='^(TRACE|TRACK)' => not-matched
(1) pass through /
(3) [perdir /var/www/html/] strip per-dir prefix: /var/www/html/ ->
(3) [perdir /var/www/html/] applying pattern '\.(gif|png|jpg|csv|pdf|xl
(1) [perdir /var/www/html/] pass through /var/www/html
Does the log indicates what the problem might be?
(2) init rewrite engine with requested uri /
(3) applying pattern '^(/htdocs/.*)' to uri '/'
(3) applying pattern '.*' to uri '/'
(4) RewriteCond: input='GET' pattern='^(TRACE|TRACK)' => not-matched
(1) pass through /
(3) [perdir /var/www/html/] strip per-dir prefix: /var/www/html/ ->
(3) [perdir /var/www/html/] applying pattern '\.(gif|png|jpg|csv|pdf|xl
(1) [perdir /var/www/html/] pass through /var/www/html
Does the log indicates what the problem might be?
Featured Post
With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
This article discusses how to implement server side field validation and display customized error messages to the client.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses
Course of the Month10 days, 8 hours left to enroll
719 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.