|
|
Stop hotlinking via referrer using .htaccess
This is a re-active approach to blocking hot linking websites. This is an approach where you are unaware of your user community however you are aware of bad referrer's. This method uses .htaccess with RewriteRules.
- Ensure that the following parameters have been enabled within the apache configuration.
Options FollowSymLinks
AllowOverride FileInfo AuthConfig Limit
- If you have a separate configuration for your "images" and "htdocs" directory be sure to enable the above features in each section otherwise the .htaccess will not work.
< Directory "/web/www_root/images" >
Options FollowSymLinks
AllowOverride FileInfo AuthConfig Limit
Order allow,deny
Allow from all
< /Directory >
< Directory "/web/www_root/htdocs" >
Options FollowSymLinks
AllowOverride FileInfo AuthConfig Limit
Order allow,deny
Allow from all
< /Directory >
- Restart the webserver
./apachectl restart
- Create an .htaccess file within your "images" directory structure. Replace "bad-referrer.com" with a bad domain.
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://www\.bad-referrer\.com [NC]
RewriteRule \.(jpe?g|gif|bmp|png)$ images/bad.gif [L]
- RewriteEngine On
If the "RewriteEngine" is not enabled these policies will not work.
- RewriteCond %{HTTP_REFERER} !^http://www\.bad-referrer\.com [NC]
The above checks to see if the client was referrer to your website via "bad-referrer.com" to your own domain. If that client was then any image he/she tries to access will be replaced with an image of "bad.gif", else they will be allowed to your website.
|
|
|
Monday, 21-May-2012 01:46:51 EDT
