My current htaccess prevents hot linking and direct download of files but its also blocking download from within the site. if the user is at http(s)?://(www\.)?domain.com/portal/WHATEVER then allow download, that's what i'm trying to achieve any advice?
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?domain.com [NC]
RewriteRule \.(pdf|xls|xlsx|docx|doc)$ https://www.sub.domain.com/login.php [NC,R,L]
Related
I have the following code in my .htaccess file; it was given to me in an attempt to redirect users from one website to another, but while masking the URL such that the original domain was kept:
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^Shmoo.com$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www\.Shmoo\.com$ [NC]
RewriteRule ^(.*)$ https://wubbins.com/humnewum/$1 [R=301,L]
RewriteCond %{HTTPS_HOST} ^Shmoo.com$ [NC,OR]
RewriteCond %{HTTPS_HOST} ^www\.Shmoo\.com$ [NC]
RewriteRule ^(.*)$ https://wubbins.com/humnewum/$1 [R=301,L]
I cannot use the generic Web forwarding, redirect, or Alias tools on one.com as these seem to use iFrames and therefore the destination site does not present properly on mobile devices.
This code seems to work, for the most part (as in no iFrame) but the URL is not masked, it is displayed as the destination 'www.wubbins.com/humnewum' not the origin 'www.Shmoo.com'
Complete noob so any help greatly appreciated.
I would like to show videos (mp4) on my website but want to prevent direct access (example.com/videos/vide1.mp4). I managed to add restriction to .htaccess which I placed to video folder:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^https://(www\.)?example\.com [NC]
RewriteCond %{HTTP_REFERER} !^https://(www\.)?example\.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com.*$ [NC]
RewriteRule .*\.(gif|png|mp4)$ https://www.example.com/ [L]
This worked on Firefox/Chrome/... but on IE or Edge I get error "Invalid Source" and video is not shown on website. Looks like IE/Edge ignores or uses different HTTP_REFERER? Is there any solution for this problem?
There is a lot of tools or browsers or 'anonymizers' that might block the referer.
Which browsers/plugins block HttpReferer from being sent?
You can use:
RewriteEngine on
# This line is the equivalent of your 4 lines
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?example\.com [NC]
RewriteRule \.(gif|png|mp4)$ - [F,L]
I blocked some sites in the file but they keep comming on my server and asking for images that slow down my server how i can add a rule for them so they will see big red sign STOP HOTLINKING
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} ^http://(www\.)?somesite\.pl [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?somesite\.pl [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?somesite\.pl [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?sklep.somesite\.eu [NC]
RewriteRule \.(gif|jpe?g|js|css)$ - [F,NC,L]
Mate try the below ,
Following code will only allow the mentioned domain "alloweddomain.com" and block others from hot linking
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?alloweddomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
The above code will allow "Blank Referrers"
What is Blank Referrers ?
Some visitors uses a personal firewall or antivirus program, that deletes the page referrer information sent by the web browser. Hotlink protection is based on this information. So if you choose not to allow blank referrers, you will block these users. You will also prevent people from directly accessing an image by typing in the URL in their browser.
Suppose if you don't want to allow "Blank Referrers" then use the following code mate
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?alloweddomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
Also if suppose you want to display a image like "STOP HOTLINKING" then use the below method
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?alloweddomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ mydomain.com/img/stop_hotlink.jpg [NC,R,L]
Above code will allow "Blank referrers" . To not allow, follow as mentioned in previous step again.
Note that :
In case of displaying image for "STOP HOTLINK" make sure the image is not hotlink protected or your server can go into an endless loop.
alloweddomain.com - The domain that you want to allow for hotlink
mydomain.com/img/stop_hotlink.jpg - URL for the "STOP HOTLINK" image
Update : [ Block Specific Domains ]
To stop hotlinking from specific outside domains only, such as blockurl1.com, blockurl2.com and blockurl3.com, but allow any other web site to hotlink images:
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?blockurl1\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?blockurl2\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?blockurl3\.com/ [NC]
RewriteCond %{REQUEST_URI} !blocked\.gif$ [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://example.com/blocked.gif [L]
You can add as many different domains as needed. Each RewriteCond line should end with the [NC,OR] code. NC means to ignore upper and lower case. OR means "Or Next", as in, match this domain or the next line that follows. The last domain listed omits the OR code since you want to stop matching domains after the last RewriteCond line.
The last line contains the URL "http://example.com/blocked.gif" which contains the image that will be displayed when the condition occurs.
You can display a 403 Forbidden error code instead of an image. Replace the last line of the previous examples with this line:
RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F]
Hope this helped you mate!
So is it possible to make images in a folder non browsable even if a person has a direct link to an image? and make the page 404 or something if they try to view it ? (yet still display the image in a html page).
using .htaccess IF its even possible or something other way.
You can do that with this .htaccess in your images folder:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www\.your_domain_name\.com/ [NC]
RewriteRule ^ - [F]
Or for global site:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www\.your_domain_name\.com/ [NC]
RewriteRule \.(?:gif|png|jpg|jpeg)$ - [NC,F]
But you have to add files extensions
i am working on website of a Digital Gadgets Manufacturer.
Product images are hotlinked from hundreds of blogs & forums. which is causing bandwidth issues.
we want to replace all hotlinked images with their low resolution versions, using
.htaccess
means if the hotlinked image path is
http://www.example.com/products/gadget123/gadget123.png
we want to redirect it to
http://www.example.com/images/low-res/gadget123.png
hotlinked image paths are different, means they may be from sub-directory of any directory.
for example
/images/products/abc/gadget_abc200.jpg
/products/images/abc/gadgetabc5155_packing.png
/downloads/brochures/abc2012/abc2012_user_guide.jpg
etc...
but all low resolution images will be in
http://www.example.com/images/low-res/
directory, and their names will be same as their high resolution versions.
Try to addopt this:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^(.*?)example\.com(/.*)?$ [NC]
RewriteRule ^images/products/.+/(.+).png$ images/low-res/$1.png [L]
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^(.*?)example\.com(/.*)?$ [NC]
RewriteRule ^images/products/.+/(.+).png$ images/low-res/$1.png [L]
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^(.*?)example\.com(/.*)?$ [NC]
RewriteRule ^downloads/brochures/.+/(.+).jpg$ images/low-res/$1.jpg [L]
This rules looking for if the request comes from your site or directly from a third party.
And rewrites then the request.