Go Back   vb.org Archive > vBulletin Modifications > vBulletin 4.x Modifications > vBulletin 4.x Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Complete Hotlink Protection Details »»
Complete Hotlink Protection
Version: 1.00, by naveeid naveeid is offline
Developer Last Online: Apr 2019 Show Printable Version Email this Page

Category: Board Optimization - Version: 4.x.x Rating:
Released: 04-25-2011 Last Update: Never Installs: 20
Re-useable Code Translations  
No support by the author.

Title : Complete Hotlink Protection

Version : 1.1

Coder : naveeid
Purpose : Prevent your forum attachments from being directly linked to - prevent bandwidth abuse.

Why : My dedicated server was down due to too many hotlinked image connections. i was feeling helpless. even after protecting images through .htaccess, images were still hot linked through attachment.php



How : just edit your server .htaccess and modify the code with your domain names



Installation :
edit your .htaccess file.

Code:
RewriteEngine on

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourfirstwebsite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yoursecondwebsite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://www.yourfirstwebsite/anypic.jpg [L]


RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourfirstwebsite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*attachment\.php*$ http://www.yourfirstwebsite/anypic.jpg [L,R,NC]

1) please change yourfirstwebsite.com and yoursecondwebsite.com to your websites on that cpanel account. if you dont have a second website then you can remove that line

2) i am allowing google to fetch images or attachments for their server. if you dont want to allow google then just remove that line.

3) replace anypic.jpg with your website banner or hotlink warning banner.

it works very fine. its the simplest and easiest available soloution.

Demo:-
i have installed it on my website , you can check my website for hotlink protection.
http://www.nidokidos.org/attachment....3&d=1302073196
now this image will show in my website , this image will be displayed if opened it in a browser. but if it will be opened in any other website , it will be replaced by my website banner.

Supporters / CoAuthors

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Благодарность от:
madness85

Comments
  #22  
Old 05-07-2011, 03:25 PM
billstelling's Avatar
billstelling billstelling is offline
 
Join Date: Apr 2011
Posts: 246
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by naveeid View Post
you have not placed any image at anypic.jpg????? please check that.
yea i did.. i just named the pic that..
Reply With Quote
  #23  
Old 05-09-2011, 03:21 AM
naveeid's Avatar
naveeid naveeid is offline
 
Join Date: Jan 2011
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Boofo View Post
What do you think vb considers someone who isn't logged in, no matter where they are? I'm saying they attachment.php code doesn't need to be there as you have to be logged in to be able to download and see attachments, anyway. Thus, redundant code.

if some one is not logging in but visits our website , he is a guest member. you can control guest permissions from the admin panel.

but if some one uses my website resources , hotlink my images in emails , sent it to large yahoo groups , place my website hotlinked images in forums , there is no option in VB4 to control that kind of hotlinking. and there was no modification available to stop the abuse of attachment.php. in this mod you can stop this kind of hotlinking. and save your server resources.
Reply With Quote
  #24  
Old 05-09-2011, 03:22 AM
naveeid's Avatar
naveeid naveeid is offline
 
Join Date: Jan 2011
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by billstelling View Post
yea i did.. i just named the pic that..
so i hope its working fine ?
Reply With Quote
  #25  
Old 05-09-2011, 06:01 AM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by naveeid View Post
if some one is not logging in but visits our website , he is a guest member. you can control guest permissions from the admin panel.

but if some one uses my website resources , hotlink my images in emails , sent it to large yahoo groups , place my website hotlinked images in forums , there is no option in VB4 to control that kind of hotlinking. and there was no modification available to stop the abuse of attachment.php. in this mod you can stop this kind of hotlinking. and save your server resources.
Well, you are wrong. I just tested in on the com with an attachment.php link from my site. If I was logged into my site at the same time, then, yes, the link would show the actual attachment. But if I was logged out of my site and clicked on the link that I posted on the com, it showed the registration error page from my site when I clicked on that link. So, your attachment.php code is ONLY good if the person is also logged into the site they are using it from, or if you allow guests to view and download attachments.

If you have the replacement image for the hotlinking on your site, the resources should be the same on your server as it still has to retrieve the image from your server.
Reply With Quote
  #26  
Old 06-03-2011, 03:52 AM
naveeid's Avatar
naveeid naveeid is offline
 
Join Date: Jan 2011
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

boofo may be i am unable to explain my point of view correctly to you..

let me explain it again.

1) first of all this mods stops simple hotlinking. and if some one hotlinks your images , it replaces it with your website banner or warning message.

2) secondly if my website images are placed and hotlinked using attachment.php then if will not show the original image but it will show website banner or warning message.

for example this is an image hosted on my website.
http://www.nidokidos.org/attachment....1&d=1298731742

a- if you will try to open it as its , it will be replaced by nidokidos banner.
a- if you will see it in google images , it will work fine.
b- if anyone , guest or member will see this image on nidokidos website pages , it will work fine.
for example see this image posted on this page.
but

if it is hotlinked in "any other" website , it will show a banner or warning message.

now see a website has placed it on it page , (may be using bing) , and as i have not allowed that website or bing to show my image on their web pages , they are getting a banner from my webserver.

please see this link
http://connect.in.com/nidokidos-org/...527553176.html


this is for what i made this mod. i hope you understand it now.
it has nothing to do with registrations , / members / guest.
Reply With Quote
  #27  
Old 07-22-2011, 12:28 AM
donal donal is offline
 
Join Date: Oct 2005
Posts: 41
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Where this file should actually be placed. Suppose I have www.mysite.com as domain and www.mysite/forum as forum root.

Should I place it in domain or in forum root directory?
Reply With Quote
  #28  
Old 07-31-2011, 05:48 AM
naveeid's Avatar
naveeid naveeid is offline
 
Join Date: Jan 2011
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

you have to add it in your /forum directory.
Reply With Quote
  #29  
Old 07-31-2011, 05:53 AM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I added it to the root and it works fine from there for me.
Reply With Quote
  #30  
Old 04-26-2012, 04:46 PM
naveeid's Avatar
naveeid naveeid is offline
 
Join Date: Jan 2011
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

ok good.
Reply With Quote
  #31  
Old 10-23-2012, 03:34 PM
viper357's Avatar
viper357 viper357 is offline
 
Join Date: Dec 2006
Location: Worthing, UK
Posts: 563
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Does this work in vb3? I've put this at the bottom of my htaccess file but it doesn't seem to work, can someone check it for me please? My website is in my signature. Thanks.
Code:
RewriteEngine on

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?marineaquariumsa\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://www.marineaquariumsa.com/hotpic.jpg [L]


RewriteCond %{HTTP_REFERER} !^http://(.+\.)?marineaquariumsa\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*attachment\.php*$ http://www.marineaquariumsa.com/hotpic.jpg [L,R,NC]
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:07 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04654 seconds
  • Memory Usage 2,338KB
  • Queries Executed 27 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (2)bbcode_code
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (11)post_thanks_box
  • (1)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete