For my mobile site I want to restrict access for some of my images like "lady bug.gif" "bluemoon.gif" etc. So these images won't be shown in http://m.mysite.org for faster and less clutter mobile experience. How can I do this?
Not working example:
rewriteEngine On
<files bluemoon.gif>
order allow,deny
deny from all
</files>
I think you will be better off internally rewriting to a small 1px image, rather than simply blocking access. If you block access (404, 403, etc) then you would end up with errors in your front end.
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTP_HOST} =m.mysite.org
RewriteRule (lady\sbug|bluemoon)\.gif$ /images/mobile-placeholder.gif [L]
Note that if you have spaces in your filenames then you will need to replace these with \s in the RewriteRule pattern (a regular expression) - as above.
Related
I'm getting tons of requests on my site based on an old url (get variable) structure. Its not something humans follow, so instead of redirecting it I want to block it so it uses almost 0 resources from server.
If the url contains something like thewebsite.com/?s=bla&some_variable=1 I want to block it with prejuduce!
This is what I have but it does not seem to work.
<FilesMatch "some_variable=1$">
order allow,deny
deny from all
</FilesMatch>
What am I doing wrong here?
You could parse query string with mod_rewrite and QUERY_STRING.
You can put this code in your root htaccess
RewriteEngine On
RewriteCond %{QUERY_STRING} some_variable=1 [NC]
RewriteRule ^ - [F]
Note: don't forget to check if mod_rewrite is enabled
I have jpg urls like these:
http://domain.com/members/content/upload/temp/1600watermarked/photo.jpg
http://domain.com/members/content/upload/test-123/1200watermarked/photo.jpg
http://domain.com/members/content/upload/random/1800watermarked/photo.jpg
In the folder content I have an htaccess file with this in there:
<FilesMatch /watermarked/.*>
Order Allow,Deny
Deny from all
</FilesMatch>
But that doesn't seem to work in blocking any jpg urls with the word "watermarked" in them. Any suggestions?
Well after some more experimenting I got this:
RewriteCond %{REQUEST_URI} ^(.*)watermarked(.*)$
RewriteRule ^(.*)$ http://domain.com/forbidden.htm [R=301,L]
It's not exactly a forbidden error but it works better in my case since I can redirect them to a page to upgrade their accounts to see the blocked content.
i want to use .htacess to block all domains to access my images folder.
this folder is only accessible by own domain only.
I think what you are looking for is some sort of hotlink protection in which case this in your .htaccess file should work:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
Change yourdomain.com to whatever your domain is. Change the RewriteRule to include any file extensions you wish to block and then place the entire thing in a .htaccess file in the directory you wish to protect.
As described in this page of Apache docs, you can accomplish it with the following directives, replacing example\.com with your domain name (please remember to escape any dot characters from . to \.:
SetEnvIf Referer example\.com localreferer
<FilesMatch \.(jpe?g|png|gif)$>
Order deny,allow
Deny from all
Allow from env=localreferer
</FilesMatch>
I think I know how to hide the files but how do I use mod_rewrite to allow only the web service to be called in the same directory?
Here is the directory/file structure
/var/www/html/xmlrpc/xmlrpc.server.php
/var/www/html/xmlrpc/xmlrpc.client.php
/var/www/html/xmlrpc/xmlrpc.class.php
/var/www/html/xmlrpc/xmlrpc.ini
/var/www/html/xmlrpc/logs
Important note: /var/www/html/xmlrpc/logs has 777 permission
before you start harping on me I plan to move this into a non public directory and give the correct permissions. But I was asked to see if I could hide it with the .htaccess file.
.htaccess
AuthType Basic
AuthName "My hidden files"
AuthBasicProvider file
AuthUserFile /var/www/html/xmlrpc/.pswds
Require valid-user
.pswds
user:5/abcde1abcdE
Also I'm a newbie with mod_rewite/mod_alias and need this URL:
http://127.0.0.1/xmlrpc/xmlrpc.server.php
to be this:
http://127.0.0.1/xmlrpc/v1/
How does one do this?
Also on know on the virtual host setup in Apache you can set the log file paths/names, can this be done from the .htaccess file as well?
Examples are welcome as this is a learning experience for me as well.
Ah mod_rewrite. Try this in the xmlrpc directory:
RewriteEngine On
RewriteRule ^v1/$ xmlrpc.server.php [L]
Some questions though - does xmlrpc.server.php take any get parameters? Can you guarantee that the url will always include a trailing slash?
To enforce a trailing slash as well as some other stuff, try this:
# Allows direct linking to files
RewriteCond %{REQUEST_FILENAME} !-f
#Checks if the url is missing a slash, if so, evaluate rule below
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteRule ^(.*)$ http://127.0.0.1/$1/ [L,R=301]
The last rule will have to be adjusted depending on where you put the .htaccess file. If it's at the root, then it will work for all lower directories. If it's in the xmlrpc folder, then you can leave off the localhost.
Also remember to restrict access to the .htaccess file:
<Files .htaccess>
order allow,deny
deny from all
</Files>
Someone else will have to answer the other questions - not as familiar with that.
I am looking for the specific .htaccess command that will allow me to deny http access from everyone BUT my scripts.
I have a script that runs out of the root directory that goes and fetches all of the .jpg's out of a given protected directory with the following .htaccess file
<files *.jpg>
order allow, deny
deny from all
</files>
I was thinking something similar to this might work
<files *.jpg>
order allow, deny
deny from all
allow from rootUrl.com
</files>
Your first example should work, since scripts don't make any HTTP requests.
Edit: Unless, your script for some strange reason makes HTTP requests to its own server, which I really don't think it does. Nor should it.
Edit again: Since your script is outputting img elements pointing to the protected files, you have to let all visitors access the files. There is no work-around. You could however stop hotlinking by using .htaccess like this:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yoursite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ [F]