Prevent others from leaching/downloading fonts using htaccess? - .htaccess

Im not sure if this is a duplicate, if it is, please accept my apologies in advance. How can I prevent others from leaching/downloading my #font-face fonts (eot, svg, ttf, woff) using .htaccess and only allowing my domain to use them?

Thanks to the guys over at the #httpd channel on IRC. I've finally found the htaccess block of code to prevent people from hotlinking to my fonts.
SetEnvIfNoCase Referer "^https?://([^/]*)?example\.com/" local_ref=1
SetEnvIf Referer ^$ local_ref=1
<FilesMatch "\.(eot|svg|ttf|woff)$">
Order Allow,Deny
Allow from env=local_ref
</FilesMatch>
Source: Apache Wiki.
For some reason, the code which #joshhendo provided me didn't work for both font file types and images. I'm not sure how .htaccess works, perhaps others with more experience can chime in.

You could prevent hot linking (see http://altlab.com/htaccess_tutorial.html ). This could be changed for font faces), which would allow only pages from your domain to access it. This won't stop people downloading the fonts and uploading them to their own servers, but there's nothing you can do about that.
The following code should work (it's from the URL above, but I've modified it to include the fonts you mentioned. Obviously you will need to change mysite.com to your domain name.
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(eot|svg|ttf|woff)$ - [F]

Related

Deny access to all jpg urls that have a certain name in the url

I have jpg urls like these:
http://domain.com/members/content/upload/temp/1600watermarked/photo.jpg
http://domain.com/members/content/upload/test-123/1200watermarked/photo.jpg
http://domain.com/members/content/upload/random/1800watermarked/photo.jpg
In the folder content I have an htaccess file with this in there:
<FilesMatch /watermarked/.*>
Order Allow,Deny
Deny from all
</FilesMatch>
But that doesn't seem to work in blocking any jpg urls with the word "watermarked" in them. Any suggestions?
Well after some more experimenting I got this:
RewriteCond %{REQUEST_URI} ^(.*)watermarked(.*)$
RewriteRule ^(.*)$ http://domain.com/forbidden.htm [R=301,L]
It's not exactly a forbidden error but it works better in my case since I can redirect them to a page to upgrade their accounts to see the blocked content.

301 Redirect .mp4 file to a link

I have a link to a video file (example.com/abc.mp4), which, when clicked, I would like to redirect to another link. We don't want to change the link on the page since this link was given out, so it would make more sense to redirect it, if possible.
I would think there should be a way to do this via .htaccess and RegEx, but have not been able to have any luck finding a solution, or talk about something like this.
Does anyone have any ideas?
There are two chances: either you're doing the redirection rule wrong, or your Apache is ignoring the .htaccess directives. ¿Do you know if another rewrite rules are working? ¿Can you check if your vhost if configured with AllowOverride All?
Additionally, you could try the following rule to redirect a file which doesn't exist. Just to be sure:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^xyz\.mp4 http://www.newsite.com/newfile.mp4 [r=301,L]
</IfModule>

.htaccess redirect when URL contains parameters

Yes, I searched the site and found many examples, but my .htacces skills are very limited, so NONE of examples worked for me after trying to modify them to suit my needs.
Put simply, if URL is like "index.php?/............" user should be redirect to example.com (ideally, to example.com instead of example.com/index.php) immediately.
I need this because I have an old domain that was used for forum, so I get thousands of requests like "example.com/index.php?/whatever" and all these virtual pages display the same content, which hurts my rankings badly.
My index.php file has NO parameters at all (but some other files have, so the rule shouldn't affect other files).
Thanks a lot!
Try adding these rules to the htaccess file in your document root (preferably before any other rules you have there)
RewriteEngine On
RewriteCond %{QUERY_STRING} ^/
RewriteRule ^index\.php$ /? [L,R=301]

Url not complying to .htaccess rules

I have a problem with one of the url's in my website , it doesn't seem to comply to my .htaccess rules. The problem I'm experiencing is the following.
I access my site using url: http://www.website.com/sitemap
I have the following .htaccess rules:
ReWriteEngine On
php_value include_path ".:/Webserver/blabla/boo"
RewriteCond %{REQUEST_URI} !^/cms[A-Za-z0-9\-_/]*$
ReWriteRule ^([A-Za-z0-9\-_/]*)$ /site/index.php/
ReWriteRule ^$ /site/index.php/
So I would expect this URL call to rewrite to /site/index.php but the point is it never goes there and instead opens sitemap.xml which is in the webroot. It does work for all other URL's in my site. What could be the case here?
I found the culprit. It was due to the MultiViews option set in httpd.conf and each individual site .conf file. I disabled the MultiViews option in the per site .conf file setting it to -MultiViews
Maybe this question fits better in Serverfault. Is there a posibility for me to transfer it?

Redirect all .php traffic to .php5 files

I have a personal website with a MediaWiki installation on a shared host. The Apache configuration treats all .php request with PHP 4, and all .php5 requests with PHP5.
For compatibility reasons I need to be able to use the .php extension, but MediaWiki is only available on PHP5. I tried to use the mod_rewrite engine, but I'm stuck with the rule.
Here's the current file:
DirectoryIndex index.php5
RewriteEngine on
# This rewrites URIs in the form /pages/Article_Name to /index.php5?title=Article_Name.
RewriteCond %{REQUEST_URI} !^/pages/index.php5.*$ [NC]
RewriteRule ^pages/?(.*)$ /index.php5?title=$1 [L]
# This is the broken rule
RewriteCond %{REQUEST_URI} ^index\.php(([^5])(.*))?$ [NC]
RewriteRule ^index\.php(([^5])(.*))?$ /index.php5?$1 [L]
The idea of the rule was "Redirect all content from index.php (not followed by '5') to index.php5".
Any idea?
Edit:
SetEnv PHP_VER 5
works, but I'm still interested on why the rule was not taken into account.
RewriteEngine On
RewriteBase /
RewriteRule ^(.*)\.php $1.php5 [R=301,L]
RewriteRule ^(.*)\.php $1.php5 [L]
I found this on the following web site which may be useful, you could make it more specific and remove the catchall to change only a certain number of .php files if you liked.
You can also customize it to suit only a certain directory using the RewriteBase condition.
I would change hosts, you shouldn't have to have php applications state their version after the extension. It was ghetto with PHP3 and very ghetto and bad practice for php5.
While of course its possible this is bad practice and you will most likely never see an OSS application built around a php5 file extension naming convention.
I would quit while you're ahead and jump ship on a bad host - not try and alter how an application like mediawiki is built to operate. The hosts I've seen that have both php4 and php5 allow you to choose which install you would like to run for the domain - not designate it with a file extension. Thats ghetto.
Try this
AddType x-mapp-php .php5
It might be the other way around, try it though, i cant atm :S
The REQUEST_URI value always starts with a slash but your pattern doesn’t.
This seems to work for me:
AddType application/x-httpd-php5 .php

Resources