Board Optimization - Complete Hotlink Protection

Title : Complete Hotlink Protection

Version : 1.1

Coder : naveeid
Purpose : Prevent your forum attachments from being directly linked to - prevent bandwidth abuse.

Why : My dedicated server was down due to too many hotlinked image connections. i was feeling helpless. even after protecting images through .htaccess, images were still hot linked through attachment.php



How : just edit your server .htaccess and modify the code with your domain names



Installation :
edit your .htaccess file.

Code:

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourfirstwebsite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yoursecondwebsite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://www.yourfirstwebsite/anypic.jpg [L]


RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourfirstwebsite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*attachment\.php*$ http://www.yourfirstwebsite/anypic.jpg [L,R,NC]

1) please change yourfirstwebsite.com and yoursecondwebsite.com to your websites on that cpanel account. if you dont have a second website then you can remove that line

2) i am allowing google to fetch images or attachments for their server. if you dont want to allow google then just remove that line.

3) replace anypic.jpg with your website banner or hotlink warning banner.

it works very fine. its the simplest and easiest available soloution.

Demo:-
i have installed it on my website , you can check my website for hotlink protection.
http://www.nidokidos.org/attachment....3&d=1302073196
now this image will show in my website , this image will be displayed if opened it in a browser. but if it will be opened in any other website , it will be replaced by my website banner.

[Boofo]

Code removed

[naveeid]

well if a server is already overloaded , then it should not allow any directory to be hotlinked.

[Boofo]

You don't have to put anything in to that directory if you don't want to. It just allows you to if ever needed.

And your Google code is redundant as this takes care of it already:

Code:

RewriteCond %{HTTP_REFERER} !^$

[naveeid]

Quote:

Originally Posted by Boofo

There is an easier and better way to do this and allow images to be hot-linked from one directory only (for posting error pics and avatars on other sites if they don't allow them locally).

Code:

# allow hotlinking from hotlinking-allowed directory only
RewriteCond %{REQUEST_URI} ^/hotlinking-allowed-directory
RewriteRule ^.*$ - [L]

# Hotlink Protection
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yoursite\.com/ [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png|mp3|pdf|psd)$ http://imgxxx.imageshack.us/imgxxx/xxxx/your_hotlink_image_name.jpg [L]
# RewriteRule .*\.(jpe?g|gif|bmp|png|mp3|pdf|psd)$ - [F]

Use either of the last 2 lines depending on what you want.

Boofo is there any solution for hotlinking through attachment.php in these lines?

[Boofo]

Do you allow guests to download attachments?

[naveeid]

well in my forum guests are allowed to download attachments and view attached images.

[naveeid]

through this mod , if any picture will be embedded/hotlinked through attachment.php on any OTHER website , it will display website banner or warning picture instead. similarly any other mp3 or download links of your forum files will be placed on any OTHER website , they will show your website banner or bandwidth theft warning when clicked.

[Boofo]

No problem. I have removed my code.

[MissKalunji]

Where should this go? in forum? or root?