I have a website. Some of the images on my website are hotlinked in other websites. I would like to block them. I would like to allow some sites to hotlink my images (like some forums), as I have made posts about my product in those forums. I have list of sites which I regularly promote my products and I would like to allow them to hotlink my images. I would like to block all other sites other than my list.
I use shared hosting from hostgator btw.
I hope it is clearly understandable.
Please help.
Thanks
You can put this code to your .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yoursite\.com [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} ^http://.*$
RewriteRule \.(jpe?g|gif|bmp|png)$ /media/nohotlinks.png [L]
Please read this article for more information
http://www.yourhtmlsource.com/sitemanagement/bandwidththeft.html
Add the sites you want to allow as RewriteCondition to the hotlinking rule of your choice, e.g. #YNhat's above.
For hotlinking from alloweddomain.com:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?alloweddomain\.com
Related
I've an condition for my .htaccess for crawlers and search engines which takes them to a "static" page where they can scrape all content.
Up until now I've had my domain {client}.realdomain.com where {client} is a subdomain for one client.
When the client then shares something on a social network, e.g. facebook/linkedin their crawlers are taken to my .htaccess which have following conditions (and this works)
URL example: http://{client}.realdomain.com/s/token
RewriteCond %{HTTP_USER_AGENT} (LinkedInBot/[0-9]|facebookexternalhit/[0-9]|Facebot|Twitterbot|twitterbot|Pinterest|pinterest|Google.*snippet|baiduspider|rogerbot|embedly|quora\ link\ preview|showyoubot|outbrain|slackbot|vkShare|W3C_Validator)
RewriteCond %{HTTP_HOST} ^(.+?)\.realdomain\.com$
RewriteRule ^s/(.*)$ http://%1.realdomain.com/static.php?token=$1 [NC,L]
will end up as http://{client}.realdomain.com/static.php?token=token
As said, anything here works perfect but now I'm moving into having different domains, so it can be
{client}.real-domain.com and {client}.sunset.com
I essentially what the same thing in my .htaccess but it should take the whole domain with it when it redirects so it will go to e.g. http://{client}.sunset.com?static.php=token=my-secret-token if a crawler comes to {client}.sunset.com/s/my-secret-token
How would I got about doing this? I seem to be a simple solution but for some reason I just can't seem to get my head around it.
Thanks
RewriteCond %{HTTP_USER_AGENT} (LinkedInBot/[0-9]|facebookexternalhit/[0-9]|Facebot|Twitterbot|twitterbot|Pinterest|pinterest|Google.*snippet|baiduspider|rogerbot|embedly|quora\ link\ preview|showyoubot|outbrain|slackbot|vkShare|W3C_Validator)
RewriteCond %{HTTP_HOST} ^(.+?)\.%{HTTP_HOST}%\.com$
RewriteRule ^s/(.*)$ http://%1.%{HTTP_HOST}%.com/static.php?token=$1 [NC,L]
Can you test this out? By replacing your domain name with %{HTTP_HOST}%
I have what I can say is a huge problem. I have a website that I've switched to https using Cloudflare and it almost completely disappeared from Google search results.
Here is my .htaccess
Options -MultiViews
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
So I have 301, but did I do it right?
Google may some time to reindex. According to this discussion on Moz, it may take a day for important URLs to 90 days for less important URLs to be indexed.
Other than that, it seems that you have only just changed the .htaccess to 301 redirect all URLs to the https one.
Have you:
check Google Webmaster Tools to see if the site has been indexed and for any error messages?
Changed the links in the sitemap.xml to the https one?
Updated the rel=canonical tag?
Changed all the internal URLs to https?
Updated other rel tags like rel=next, rel=previous and rel=alternate?
Updated all the external URLs you control, like Facebook/ Twitter?
Updated things like open-graph tags and social media widgets, so that new link juice can be passed on to the new https site when others share on social sites?
You probably want to indicate in GWT that you would prefer to use https://.
I'm trying to redirect images on my server to a url, if the user client is NOT A BOT.
So far I have:
RewriteCond %{HTTP_USER_AGENT} "Windows" [NC]
RewriteCond %{REQUEST_URI} jpg
RewriteRule ^(.*)$ http://www.myurl.com/$1 [R=301,L]
But something is wrong. Is it possible to combine these 2 conditions?
Your idea is admirable, but the logic is flawed based on real world bot behavior.
I deal with security on sites all the time & User Agent strings are faked all the time. If have an option to install it, I would recommend using a tool like Mod Security. It’s basically an Apache module firewall that uses configurable rulesets to deny bad patterns of access behavior. But honestly, if you are having issues with .htaccess stuff like this Mod Security might be too intense to understand.
A better tact is to just prevent hot-linking via mod_rewrite tricks like this.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ http://www.mydomain.com/angryman.gif [R,L]
Then again, reading your question I am not 100% sure what you want to achieve? Maybe mod_rewrite stuff like this can give you hints on how to approach the issue? Good luck!
I have a website. I created a mirror of it and uploaded it in a directory called 'mirror'. What I wanted to do is whenever a viewer access for example..
http://www.example.com/this-page/another-segment/?id=1
I want him to be redirected to..
http://www.example.com/mirror/this-page/another-segment/?id=1
^^^^^^
(I am doing this because I want to want to edit my site's design but I don't want viewers to see the changes in progress until they are complete. Thus I want to redirect them to the mirrored snapshot, at least temporarily.)
Please suggest how this can be done using .htaccess or not.
after browsing around the internet. i came up with the idea of putting a /$1, a rewritebase and followsymlinks on the answer givien by appclay
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/mirror/
RewriteRule (.*) /mirror/$1 [R=301,L]
You'll want to do something like:
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/mirror/
RewriteRule ^/(.*) /mirror/$1 [R]
In your .htaccess file.
I have hosting setup with a master domain (mapped to the web root) and then a number of addon domains (each with their own folder within the web root). At the moment you can visit www.masterdomain.com/addondomainsubdir and reach the same page as you would if you visited www.addondomain.com (which maps to /public_html/addondomainsubdir). I want to prevent this so if you visit www.masterdomain.com/addondomainsubdir then it will do a 301 redirect to www.addondomain.com. The new addondomain.com site is a single page site so it does not have to map any additional pages.
Adding rules to the htaccess file in the web root does notaffect anything as the subdir exists which is wierd as i thought the htaccess command should work even if there is a matching subdir (i've tried the following which works when there's no matching subdir):
RewriteRule ^addondomainsubdir?$ http://www.addondomain.com [NC,R=301,L]
Logically given it's reaching this directory I figure i need to add a command within the htaccess file in the addondomainsubdir directory however nothing appears to have any effect (i've got various other rules setup and they work fine).
I would be massively grateful if anyone explain the best way to rectify this?
Thanks so much for your help,
Dave
I know this is an old post, but it has never been successfully answered. So for all of you finding this via search, this should do what the OP is asking.
Add this line to your .htaccess file:
redirect permanent /addondomainsubdir/ http://www.addondomain.com
Try these rules in your .htaccess:
Options +FollowSymlinks -MultiViews
RewriteEngine on
# for http
RewriteCond %{HTTP_HOST} ^(www\.)?masterdomain\.com$ [NC]
RewriteCond %{SERVER_PORT} =80
RewriteRule ^([^/]+)/?$ http://www.$1.com/ [R=301,L]
# for https
RewriteCond %{HTTP_HOST} ^(www\.)?masterdomain\.com$ [NC]
RewriteCond %{SERVER_PORT} =443
RewriteRule ^([^/]+)/?$ https://www.$1.com/ [R=301,L]
Instead of putting a rule in your main .htaccess, I would make make a .htaccess for each add-on domain, putting each one in the respective subdirectory.
RewriteEngine on
RewriteCond %{HTTP_HOST} masterdomain\.com$ [NC]
RewriteRule ^addondomainsubdir(.*)$ http://www.addondomain.com/$1 [R=301,L]