asked on prevent hot linking of images Linux Centos
Hi,
I came across this bit of code to prevent hotlinking of my images on https://secure.myultratrust.com and
http://myultratrust.com
I put the following in my httpd.conf file:
I then restarted apache. But the above prevents my images from displaying on my own site though.
Also, I tried this in my .htaccess file:
I restarted apache. But I still see the image here:
http://tutorialref.com/test/temp/test_hotlinking.html
https://secure.myultratrust.com/diy/login/images/bottom-separator.png - that's an image to test.
Thank you,
Victor
I came across this bit of code to prevent hotlinking of my images on https://secure.myultratrust.com and
http://myultratrust.com
I put the following in my httpd.conf file:
SetEnvIfNoCase Referer "^https://secure\.myultratrust\.com/" banimages=1
SetEnvIfNoCase Referer "^http://myultratrust\.com/" banimages=1
SetEnvIfNoCase Referer "^http://www\.myultratrust\.com/" banimages=1
SetEnvIfNoCase Referer "^$" banimages=1
<FilesMatch "\.(gif|png|jpe?g)$">
Order Allow,Deny
Allow from env=banimages=1
</FilesMatch>
I then restarted apache. But the above prevents my images from displaying on my own site though.
Also, I tried this in my .htaccess file:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?cyberciti.biz/.*$ [NC]
RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ - [F]
I restarted apache. But I still see the image here:
http://tutorialref.com/test/temp/test_hotlinking.html
https://secure.myultratrust.com/diy/login/images/bottom-separator.png - that's an image to test.
Thank you,
Victor
LinuxLinux DistributionsLinux Security
Last Comment
Victor Kimura
ASKER
Hi Dave,
Sorry, I posted the wrong code from the .htaccess file:
I also tried this:
Both times I restarted apache.
But I can still see the image here:
http://tutorialref.com/test/temp/test_hotlinking.html
What am I doing wrong?
Sorry, I posted the wrong code from the .htaccess file:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(secure\.)?myultratrust.com/.*$ [NC]
RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ - [F]
I also tried this:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www\.)?myultratrust\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://myultratrust\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^https://(secure\.)?myultratrust\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(jpeg|jpg|gif|png)$ - [F]
Both times I restarted apache.
But I can still see the image here:
http://tutorialref.com/test/temp/test_hotlinking.html
What am I doing wrong?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
it's strange. but I can still see this image on this page:
http://tutorialref.com/test/temp/test_hotlinking.html
Something else wrong:
Maybe a setting?
http://tutorialref.com/test/temp/test_hotlinking.html
Something else wrong:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(secure\.)?myultratrust.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|js|css)$ - [F]
Maybe a setting?
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
hmm...I put the code above in an .htaccess file in the image directory at:
https://secure.myultratrust.com/diy/login/images/
restarted apache. Still image is showing up at:
http://tutorialref.com/test/temp/test_hotlinking.html
Is it because it's in a sub-domain and so perhaps I need something extra so the server knows where the images directory is precisely?
https://secure.myultratrust.com/diy/login/images/
restarted apache. Still image is showing up at:
http://tutorialref.com/test/temp/test_hotlinking.html
Is it because it's in a sub-domain and so perhaps I need something extra so the server knows where the images directory is precisely?
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
I don't know what to tell you. 'rewrite' has never been all that clear to me.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Glad you found it, I didn't even notice that.
ASKER
Thanks, Dave! =)
http://www.javascriptkit.com/howto/htaccess10.shtml
Here are some suggestions from Dreamhost:
http://wiki.dreamhost.com/Preventing_hotlinking