Go Back   vb.org Archive > vBulletin Modifications > vBulletin 4.x Modifications > vBulletin 4.x Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Complete Hotlink Protection Details »»
Complete Hotlink Protection
Version: 1.00, by naveeid naveeid is offline
Developer Last Online: Apr 2019 Show Printable Version Email this Page

Category: Board Optimization - Version: 4.x.x Rating:
Released: 04-25-2011 Last Update: Never Installs: 20
Re-useable Code Translations  
No support by the author.

Title : Complete Hotlink Protection

Version : 1.1

Coder : naveeid
Purpose : Prevent your forum attachments from being directly linked to - prevent bandwidth abuse.

Why : My dedicated server was down due to too many hotlinked image connections. i was feeling helpless. even after protecting images through .htaccess, images were still hot linked through attachment.php



How : just edit your server .htaccess and modify the code with your domain names



Installation :
edit your .htaccess file.

Code:
RewriteEngine on

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourfirstwebsite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yoursecondwebsite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://www.yourfirstwebsite/anypic.jpg [L]


RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourfirstwebsite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*attachment\.php*$ http://www.yourfirstwebsite/anypic.jpg [L,R,NC]

1) please change yourfirstwebsite.com and yoursecondwebsite.com to your websites on that cpanel account. if you dont have a second website then you can remove that line

2) i am allowing google to fetch images or attachments for their server. if you dont want to allow google then just remove that line.

3) replace anypic.jpg with your website banner or hotlink warning banner.

it works very fine. its the simplest and easiest available soloution.

Demo:-
i have installed it on my website , you can check my website for hotlink protection.
http://www.nidokidos.org/attachment....3&d=1302073196
now this image will show in my website , this image will be displayed if opened it in a browser. but if it will be opened in any other website , it will be replaced by my website banner.

Supporters / CoAuthors

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Благодарность от:
madness85

Comments
  #12  
Old 05-03-2011, 01:19 PM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Root.
Reply With Quote
  #13  
Old 05-03-2011, 01:20 PM
MissKalunji's Avatar
MissKalunji MissKalunji is offline
 
Join Date: Aug 2003
Location: Canada
Posts: 2,845
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

and if the image isn't available....

What will it show?

the standard vb error message?
Reply With Quote
  #14  
Old 05-03-2011, 01:29 PM
MissKalunji's Avatar
MissKalunji MissKalunji is offline
 
Join Date: Aug 2003
Location: Canada
Posts: 2,845
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

what if my attachement.php

is under a different folder?
Reply With Quote
  #15  
Old 05-03-2011, 07:52 PM
billstelling's Avatar
billstelling billstelling is offline
 
Join Date: Apr 2011
Posts: 246
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Code:
RewriteEngine on

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?thewindowscenter\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?thewindowscenter\.com/wordpress/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://www.thewindowscenter.com/anypic.jpg [L]


RewriteCond %{HTTP_REFERER} !^http://(.+\.)?thewindowscenter\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*attachment\.php*$ http://www.thewindowscenter.com/anypic.jpg [L,R,NC]
is that correct?

opps put the wordpress in the wrong spot.. fixed
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?thewindowscenter.wordpress\.com/ [NC]
Reply With Quote
  #16  
Old 05-03-2011, 08:15 PM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

naveeid, your attachment.php line does not work. I set guests to be able to download/view attachments, and this did not stop anyone from another site being able to hotlink it. When I set guests back to not be able to view or download attachments, then they got the login screen on a hotlink. But they got that anyway before the attachment.php line was added to the htaccess. So that code is redundant.
Reply With Quote
  #17  
Old 05-06-2011, 03:14 AM
naveeid's Avatar
naveeid naveeid is offline
 
Join Date: Jan 2011
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

@boofo
first of all this code is nothing to do with guests. this code is only to stop other sites from hotlinking images from vbulletin forum. as all the images are served through attachment.php in vbulletin , so we need to protect our attachment.php abuse.

if any other website or forum will place any images from my website , for example this image url
http://www.nidokidos.org/attachment....3&d=1304560281

which is serving image through attachment.php , using this code in htaccess will not let the images of your site being displayed on the other website , but it will replace your website banner.

so in a result they will remove your images from their website. the code is working perfectly fine with me.
Reply With Quote
  #18  
Old 05-06-2011, 03:15 AM
naveeid's Avatar
naveeid naveeid is offline
 
Join Date: Jan 2011
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by MissKalunji View Post
what if my attachement.php

is under a different folder?


it does not matter if the attachment.php is under any other folder.. it will work fine.
Reply With Quote
  #19  
Old 05-06-2011, 03:17 AM
naveeid's Avatar
naveeid naveeid is offline
 
Join Date: Jan 2011
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by MissKalunji View Post
and if the image isn't available....

What will it show?

the standard vb error message?

which image you are talking about , please explain your question so that i can give you the right answer.
Reply With Quote
  #20  
Old 05-06-2011, 03:20 AM
naveeid's Avatar
naveeid naveeid is offline
 
Join Date: Jan 2011
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by billstelling View Post
Code:
RewriteEngine on

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?thewindowscenter\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?thewindowscenter\.com/wordpress/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://www.thewindowscenter.com/anypic.jpg [L]


RewriteCond %{HTTP_REFERER} !^http://(.+\.)?thewindowscenter\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*attachment\.php*$ http://www.thewindowscenter.com/anypic.jpg [L,R,NC]
is that correct?

opps put the wordpress in the wrong spot.. fixed
Code:
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?thewindowscenter.wordpress\.com/ [NC]


you have not placed any image at anypic.jpg????? please check that.
Reply With Quote
  #21  
Old 05-06-2011, 11:49 AM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by naveeid View Post
@boofo
first of all this code is nothing to do with guests. this code is only to stop other sites from hotlinking images from vbulletin forum. as all the images are served through attachment.php in vbulletin , so we need to protect our attachment.php abuse.

if any other website or forum will place any images from my website , for example this image url
http://www.nidokidos.org/attachment....3&d=1304560281

which is serving image through attachment.php , using this code in htaccess will not let the images of your site being displayed on the other website , but it will replace your website banner.

so in a result they will remove your images from their website. the code is working perfectly fine with me.
What do you think vb considers someone who isn't logged in, no matter where they are? I'm saying they attachment.php code doesn't need to be there as you have to be logged in to be able to download and see attachments, anyway. Thus, redundant code.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:12 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05042 seconds
  • Memory Usage 2,342KB
  • Queries Executed 27 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (4)bbcode_code
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (11)post_thanks_box
  • (1)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete