Difference between revisions of "How do you block direct hot linking to image files using htaccess?"
From Joomla! Documentation
(New page: '''Caveats''' # Your server must allow .htaccess files for this technique to work. # If you do not have a .htaccess file in your root directory, see the related FAQ first. # Do not use t...) |
(Several markup changes.) |
||
| (7 intermediate revisions by 4 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | === Caveats === | |
| − | + | # Your server must allow ''.htaccess'' files for this technique to work. | |
| − | + | # If you do not have an ''.htaccess'' file in your root directory, see the related FAQ first. | |
| − | # Your server must allow .htaccess files for this technique to work. | ||
| − | # If you do not have | ||
# Do not use this method to redirect image hot links to HTML pages or to servers that are not your own. | # Do not use this method to redirect image hot links to HTML pages or to servers that are not your own. | ||
# Hot linked images can only be replaced by other images, not with HTML pages. | # Hot linked images can only be replaced by other images, not with HTML pages. | ||
| − | # As with any .htaccess rewrite, you may block legitimate traffic, such as users behind proxies or firewalls. | + | # As with any ''.htaccess'' rewrite, you may block legitimate traffic, such as users behind proxies or firewalls. |
| − | + | === Directions === | |
| − | + | # Create a JPEG image called ''no_hot_link.jpe''. Note that the odd file extension (''.jpe'') is intentional and important. Place this file in your ''images'' directory. | |
| − | # Create a | + | # Place the following code in the ''.htaccess'' file of your root directory. |
| − | # Place the following code in the .htaccess file of your root directory. | ||
| + | <syntaxhighlight lang="apache"> | ||
RewriteEngine On | RewriteEngine On | ||
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?your_site\.com/ [NC] | RewriteCond %{HTTP_REFERER} !^http://(.+\.)?your_site\.com/ [NC] | ||
RewriteCond %{HTTP_REFERER} !^$ | RewriteCond %{HTTP_REFERER} !^$ | ||
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/no_hot_link.jpe [L] | RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/no_hot_link.jpe [L] | ||
| + | </syntaxhighlight> | ||
| − | ''' | + | === Explanation === |
| + | The first line begins the Apache rewrite rule. The second line matches any requests from your own site, here called ''your_site.com''. The ''[NC]'' flag means ''No Case'', that is, match both upper and lower case characters. The third line allows empty referrals. The last line matches any files ending with the extension ''jpeg'', ''jpg'', ''gif'', ''bmp'' or ''png''. This is then replaced by the ''no_hot_link.jpe'' file in your images directory. This JPEG file uses the extension ''jpe'' instead of ''jpg'' to prevent these rules from blocking your replacement image. | ||
| − | + | === Block Hot Linking from Specific Domains === | |
| − | + | To stop hotlinking from specific domains only, such as ''myspace.com'', ''blogspot.com'' and ''livejournal.com'', while allowing other websites to hotlink to your images, use the following code: | |
| − | Block | ||
| − | |||
| − | To stop hotlinking from specific domains only, such as myspace.com, blogspot.com and livejournal.com, while allowing other | ||
| + | <syntaxhighlight lang="apache"> | ||
RewriteEngine On | RewriteEngine On | ||
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?myspace\.com/ [NC,OR] | RewriteCond %{HTTP_REFERER} ^http://(.+\.)?myspace\.com/ [NC,OR] | ||
| Line 31: | Line 29: | ||
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?livejournal\.com/ [NC] | RewriteCond %{HTTP_REFERER} ^http://(.+\.)?livejournal\.com/ [NC] | ||
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpe [L] | RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpe [L] | ||
| + | </syntaxhighlight> | ||
| − | You can add as many different domains as you want. Every RewriteCond line except the last one should end with the [NC,OR] flags. NC means to ignore case. OR means "Or Next", as in, match this line | + | You can add as many different domains as you want. Every ''RewriteCond'' line except the last one should end with the ''[NC,OR]'' flags. ''NC'' means to ignore case. ''OR'' means "Or Next", as in, match this line '''or''' the next line. The last ''RewriteCond'' omits the ''OR'' flag to stop matching after the last ''RewriteCond''. |
| − | |||
| − | '' | ||
| − | Alternatively, you can display a 403 Forbidden error code. Replace the last line of the previous examples with this line: | + | === Display a 403 Forbidden Code === |
| + | Alternatively, you can display a ''403 Forbidden'' error code. Replace the last line of the previous examples with this line: | ||
| + | <syntaxhighlight lang="apache"> | ||
RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F] | RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F] | ||
| + | </syntaxhighlight> | ||
| − | + | <noinclude> | |
[[Category:Administration FAQ]] | [[Category:Administration FAQ]] | ||
[[Category:Getting Started FAQ]] | [[Category:Getting Started FAQ]] | ||
| − | [[Category: | + | [[Category:Security]] |
| + | [[Category:Installation]] | ||
| + | [[Category:Server configurations]]</noinclude> | ||
Latest revision as of 09:41, 3 October 2022
Caveats[edit]
- Your server must allow .htaccess files for this technique to work.
- If you do not have an .htaccess file in your root directory, see the related FAQ first.
- Do not use this method to redirect image hot links to HTML pages or to servers that are not your own.
- Hot linked images can only be replaced by other images, not with HTML pages.
- As with any .htaccess rewrite, you may block legitimate traffic, such as users behind proxies or firewalls.
Directions[edit]
- Create a JPEG image called no_hot_link.jpe. Note that the odd file extension (.jpe) is intentional and important. Place this file in your images directory.
- Place the following code in the .htaccess file of your root directory.
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?your_site\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/no_hot_link.jpe [L]Explanation[edit]
The first line begins the Apache rewrite rule. The second line matches any requests from your own site, here called your_site.com. The [NC] flag means No Case, that is, match both upper and lower case characters. The third line allows empty referrals. The last line matches any files ending with the extension jpeg, jpg, gif, bmp or png. This is then replaced by the no_hot_link.jpe file in your images directory. This JPEG file uses the extension jpe instead of jpg to prevent these rules from blocking your replacement image.
Block Hot Linking from Specific Domains[edit]
To stop hotlinking from specific domains only, such as myspace.com, blogspot.com and livejournal.com, while allowing other websites to hotlink to your images, use the following code:
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?myspace\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?blogspot\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?livejournal\.com/ [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpe [L]You can add as many different domains as you want. Every RewriteCond line except the last one should end with the [NC,OR] flags. NC means to ignore case. OR means "Or Next", as in, match this line or the next line. The last RewriteCond omits the OR flag to stop matching after the last RewriteCond.
Display a 403 Forbidden Code[edit]
Alternatively, you can display a 403 Forbidden error code. Replace the last line of the previous examples with this line:
RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F]