Securing Sites with mod_rewrite
#1

Stop Hotlinking

 

Nothing really surprising in this one; it's a common trick used by lots of sites. The main aim isn't to stop the theft of images but the theft of bandwidth!

 



Code:
# Stop hotlinking
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
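# dots escaped and host anchored with (/|$) so that look-alike hosts such as
# www.mysite.com.example.net are not treated as allowed referers
RewriteCond %{HTTP_REFERER} !^http://www\.mysite\.com(/|$) [NC]
RewriteCond %{HTTP_REFERER} !^http://www\.myfriendsite\.com(/|$) [NC]
RewriteCond %{HTTP_REFERER} !^http://www\.othersites\.com(/|$) [NC]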
# forbidden
RewriteRule .*\.(gif|jpg|png|swf)$ - [NC,F]
# forward elsewhere
# RewriteRule \.(gif|jpg|png|swf)$ http://www.hotlinkinghurtsmybandwidth.com/THIEF.png [R,L]




 

 

IP Banning

 

Found this trick elsewhere, which I liked a lot: cause Apache to read a separate file and instantly rebuild its deny list!

 



Code:
# block ips
# (RewriteMap must be declared in server config or a virtual host, not in .htaccess)
RewriteMap    hosts-deny  txt:/path/to/my/hosts-deny.map.txt
RewriteCond   ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND [OR]
RewriteCond   ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND
RewriteRule   ^/.*  -  [F]




 

The hosts-deny.map.txt looks like this:



Code:
127.0.0.1 -
localhost -




 

Deny those nasty localhost users!!! ;)

 

Bouncing Referrers

 

Using the same technique as above, it is possible to bounce users from one place to another:

 



Code:
# bounce/redirect users
RewriteMap  bounce txt:/path/to/my/bounce.map.txt
RewriteCond %{HTTP_REFERER} !=""
RewriteCond ${bounce:%{HTTP_REFERER}} ^-$
RewriteRule ^.* %{HTTP_REFERER} [R,L]
RewriteCond %{HTTP_REFERER} !=""
RewriteCond ${bounce:%{HTTP_REFERER}|NOT-FOUND} !=NOT-FOUND
RewriteRule ^.* ${bounce:%{HTTP_REFERER}} [R,L]




 

Begone nasty referers! Now anyone coming from a list of referers can be redirected elsewhere. The bounce.map.txt file looks like:

 



Code:
http://www.badsite.com/    -
http://www.goodsite.com/baddirectory/index2.html   http://somewhereelse.com/




 

 

Many thanks to the meta wiki and various other mediawiki sources for these tips (I wish I'd taken note of the sites :().

 

the apache power!
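
A helper for maintaining the hosts-deny.map.txt file from the IP Banning section, as an added example that is not part of the original post: it validates the key, skips duplicates, and replaces the file atomically so Apache never reads a half-written map. The function names deny_add and deny_remove and the MAP variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: maintain the txt map read by the RewriteMap rules above.
# MAP is a placeholder path; point it at the file named in your RewriteMap line.
MAP="${MAP:-/path/to/my/hosts-deny.map.txt}"

# deny_add KEY: append "KEY -" to the map unless it is already listed.
# Returns 0 if added, 1 if already present, 2 if KEY is not a plausible
# IP address or hostname, 3 if no temporary file could be created.
deny_add() {
    key=$1
    # Allow only characters found in IPv4/IPv6 addresses and hostnames, so a
    # key can never carry whitespace or a newline that would corrupt the map.
    case $key in
        ''|*[!0-9A-Za-z.:-]*) return 2 ;;
    esac
    [ -f "$MAP" ] || : > "$MAP"
    # Exact match on the first field; map lines are "key<whitespace>value".
    if awk -v k="$key" '$1 == k { found = 1 } END { exit !found }' "$MAP"; then
        return 1
    fi
    # Build a complete new copy, then rename it over the old file. The rename
    # is atomic on one filesystem, and the changed mtime makes mod_rewrite
    # drop its cached lookups and re-read the map.
    tmp=$(mktemp "$MAP.XXXXXX") || return 3
    { cat "$MAP"; printf '%s -\n' "$key"; } > "$tmp" &&
        chmod 644 "$tmp" &&   # mktemp creates 0600; httpd children must read it
        mv "$tmp" "$MAP"
}

# deny_remove KEY: drop KEY from the map using the same atomic replace.
deny_remove() {
    key=$1
    tmp=$(mktemp "$MAP.XXXXXX") || return 3
    awk -v k="$key" '$1 != k' "$MAP" > "$tmp" &&
        chmod 644 "$tmp" &&
        mv "$tmp" "$MAP"
}
```

Source the file and call `deny_add 203.0.113.7` (a documentation-range address used here as a constructed sample); no Apache restart is needed for the change to take effect.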
