Solved

prevent hot linking of images Linux Centos

Posted on 2013-12-18
11
901 Views
Last Modified: 2014-01-12
Hi,

I came across this bit of code to prevent hotlinking of my images on https://secure.myultratrust.com and
http://myultratrust.com

I put the following in my httpd.conf file:
SetEnvIfNoCase Referer "^https://secure\.myultratrust\.com/" banimages=1
SetEnvIfNoCase Referer "^http://myultratrust\.com/" banimages=1
SetEnvIfNoCase Referer "^http://www\.myultratrust\.com/" banimages=1
SetEnvIfNoCase Referer "^$" banimages=1
<FilesMatch "\.(gif|png|jpe?g)$">
  Order Allow,Deny
  Allow from env=banimages=1
</FilesMatch>

Open in new window


I then restarted apache. But the above prevents my images from displaying on my own site though.

Also, I tried this in my .htaccess file:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?cyberciti.biz/.*$ [NC]
RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ - [F] 

Open in new window


I restarted apache. But I still see the image here:
http://tutorialref.com/test/temp/test_hotlinking.html

https://secure.myultratrust.com/diy/login/images/bottom-separator.png - that's an image to test.

Thank you,
Victor
0
Comment
Question by:Victor Kimura
  • 6
  • 5
11 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39728482
Your image link uses 'https' which isn't considered in your .htaccess file.  And why are you using 'cyberciti.biz' instead of "myultratrust\.com"?

http://www.javascriptkit.com/howto/htaccess10.shtml

Here are some suggestions from Dreamhost:
http://wiki.dreamhost.com/Preventing_hotlinking
0
 

Author Comment

by:Victor Kimura
ID: 39731439
Hi Dave,

Sorry, I posted the wrong code from the .htaccess file:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(secure\.)?myultratrust.com/.*$ [NC]
RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ - [F]

Open in new window


I also tried this:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www\.)?myultratrust\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://myultratrust\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^https://(secure\.)?myultratrust\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(jpeg|jpg|gif|png)$ - [F]

Open in new window


Both times I restarted apache.

But I can still see the image here:
http://tutorialref.com/test/temp/test_hotlinking.html

What am I doing wrong?
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 39734424
This works on two of my Linux web sites.
RewriteEngine on  
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|js|css)$ - [F]

Open in new window

0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:Victor Kimura
ID: 39762725
it's strange. but I can still see this image on this page:
http://tutorialref.com/test/temp/test_hotlinking.html

Something else wrong:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(secure\.)?myultratrust.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|js|css)$ - [F]

Open in new window


Maybe a setting?
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 500 total points
ID: 39762849
If you have 'redirection' setup before the attempt to block the images, then the image block will never be seen.  Try putting that .htaccess code above in the image directory.
0
 

Author Comment

by:Victor Kimura
ID: 39763035
hmm...I put the code above in an .htaccess file in the image directory at:

https://secure.myultratrust.com/diy/login/images/

restarted apache. Still image is showing up at:
http://tutorialref.com/test/temp/test_hotlinking.html

Is it because it's in a sub-domain and so perhaps I need something extra so the server knows where the images directory is precisely?
0
 

Assisted Solution

by:Victor Kimura
Victor Kimura earned 0 total points
ID: 39763040
I found this bit of code:
RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"
RewriteRule ^/images - [F]

on the apache site:
http://httpd.apache.org/docs/current/mod/mod_rewrite.html

But not quite sure how to change it to match my condition. I find the rewritecond a thing to be grasped still.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39763133
I don't know what to tell you.  'rewrite' has never been all that clear to me.
0
 

Assisted Solution

by:Victor Kimura
Victor Kimura earned 0 total points
ID: 39763179
Haha. Lol. My simple mistake. I'm getting over a cold so I didn't see that I didn't add .png to the line!

Thanks, Dave!

Here's the code for others to use. Works for all subs.

# ------------------------------------------------
# Stop hotlinking of images
# ------------------------------------------------
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(.+\.)?mydomain.com/.*$ [NC]
RewriteRule .*\.(gif|jpg|jpeg|js|css|png)$ - [F]

Open in new window


I'm just curious what is this line actually mean?
RewriteCond %{HTTP_REFERER} !^$
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39763557
Glad you found it, I didn't even notice that.
0
 

Author Closing Comment

by:Victor Kimura
ID: 39774469
Thanks, Dave! =)
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Use CRON to save a copy of an open file 1 56
Backup Raspberri Pi over the netowrk to a Windows Share 5 52
bash file 10 50
Post Clonezilla image restore issue 6 38
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question