Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

prevent hot linking of images Linux Centos

Posted on 2013-12-18
11
Medium Priority
?
929 Views
Last Modified: 2014-01-12
Hi,

I came across this bit of code to prevent hotlinking of my images on https://secure.myultratrust.com and
http://myultratrust.com

I put the following in my httpd.conf file:
SetEnvIfNoCase Referer "^https://secure\.myultratrust\.com/" banimages=1
SetEnvIfNoCase Referer "^http://myultratrust\.com/" banimages=1
SetEnvIfNoCase Referer "^http://www\.myultratrust\.com/" banimages=1
SetEnvIfNoCase Referer "^$" banimages=1
<FilesMatch "\.(gif|png|jpe?g)$">
  Order Allow,Deny
  Allow from env=banimages=1
</FilesMatch>

Open in new window


I then restarted apache. But the above prevents my images from displaying on my own site though.

Also, I tried this in my .htaccess file:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?cyberciti.biz/.*$ [NC]
RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ - [F] 

Open in new window


I restarted apache. But I still see the image here:
http://tutorialref.com/test/temp/test_hotlinking.html

https://secure.myultratrust.com/diy/login/images/bottom-separator.png - that's an image to test.

Thank you,
Victor
0
Comment
Question by:Victor Kimura
  • 6
  • 5
11 Comments
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39728482
Your image link uses 'https' which isn't considered in your .htaccess file.  And why are you using 'cyberciti.biz' instead of "myultratrust\.com"?

http://www.javascriptkit.com/howto/htaccess10.shtml

Here are some suggestions from Dreamhost:
http://wiki.dreamhost.com/Preventing_hotlinking
0
 

Author Comment

by:Victor Kimura
ID: 39731439
Hi Dave,

Sorry, I posted the wrong code from the .htaccess file:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(secure\.)?myultratrust.com/.*$ [NC]
RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ - [F]

Open in new window


I also tried this:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www\.)?myultratrust\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://myultratrust\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^https://(secure\.)?myultratrust\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(jpeg|jpg|gif|png)$ - [F]

Open in new window


Both times I restarted apache.

But I can still see the image here:
http://tutorialref.com/test/temp/test_hotlinking.html

What am I doing wrong?
0
 
LVL 84

Accepted Solution

by:
Dave Baldwin earned 2000 total points
ID: 39734424
This works on two of my Linux web sites.
RewriteEngine on  
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|js|css)$ - [F]

Open in new window

0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 

Author Comment

by:Victor Kimura
ID: 39762725
it's strange. but I can still see this image on this page:
http://tutorialref.com/test/temp/test_hotlinking.html

Something else wrong:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(secure\.)?myultratrust.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|js|css)$ - [F]

Open in new window


Maybe a setting?
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 2000 total points
ID: 39762849
If you have 'redirection' setup before the attempt to block the images, then the image block will never be seen.  Try putting that .htaccess code above in the image directory.
0
 

Author Comment

by:Victor Kimura
ID: 39763035
hmm...I put the code above in an .htaccess file in the image directory at:

https://secure.myultratrust.com/diy/login/images/

restarted apache. Still image is showing up at:
http://tutorialref.com/test/temp/test_hotlinking.html

Is it because it's in a sub-domain and so perhaps I need something extra so the server knows where the images directory is precisely?
0
 

Assisted Solution

by:Victor Kimura
Victor Kimura earned 0 total points
ID: 39763040
I found this bit of code:
RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"
RewriteRule ^/images - [F]

on the apache site:
http://httpd.apache.org/docs/current/mod/mod_rewrite.html

But not quite sure how to change it to match my condition. I find the rewritecond a thing to be grasped still.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39763133
I don't know what to tell you.  'rewrite' has never been all that clear to me.
0
 

Assisted Solution

by:Victor Kimura
Victor Kimura earned 0 total points
ID: 39763179
Haha. Lol. My simple mistake. I'm getting over a cold so I didn't see that I didn't add .png to the line!

Thanks, Dave!

Here's the code for others to use. Works for all subs.

# ------------------------------------------------
# Stop hotlinking of images
# ------------------------------------------------
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(.+\.)?mydomain.com/.*$ [NC]
RewriteRule .*\.(gif|jpg|jpeg|js|css|png)$ - [F]

Open in new window


I'm just curious what is this line actually mean?
RewriteCond %{HTTP_REFERER} !^$
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39763557
Glad you found it, I didn't even notice that.
0
 

Author Closing Comment

by:Victor Kimura
ID: 39774469
Thanks, Dave! =)
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses
Course of the Month11 days, 17 hours left to enroll

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question