The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
Hotlink Protection Tutorial (Apache Server - .htaccess files)
What is hotlinking and bandwidth theft? Bandwidth theft or "hotlinking" is direct linking to a web site's files (images, video, etc.). An example would be using an <img> tag to display a JPEG image you found on someone else's web page so it will appear on your own site, eBay auction listing, weblog, forum message post, etc. Bandwidth refers to the amount of data transferred from a web site to a user's computer. When you view a web page, you are using that site's bandwidth to display the files. Since web hosts charge based on the amount of data transferred, bandwidth is an issue. If a site is over its monthly bandwidth, it's billed for the extra data or taken offline. A simple analogy for bandwidth theft: Imagine a random stranger plugging into your electrical outlets, using your electricity without your consent, and you paying for it. How Do I know I am hotlinking? This is how you might display an image graphic file in the HTML on your own web page: HTML Code:
<img src="image.jpg" height="350" width="200">
HTML Code:
<img src="http://notmysite.com/image.jpg" height="350" width="200">
Why should I stop hotlinking? Hotlinking can have a lot of undesirable consequences. One is the so-called "switcheroo". If you've linked to an image on someone's server, what's to prevent them from changing the image you linked to? This can have humorous results. Since most sites, forums, etc. have strict policies about offensive images, it wouldn't take much for an aggravated webmaster you've been stealing bandwidth from to shut you down completely with an unwanted "switcheroo". Displaying an image or file that doesn't belong to could be a violation of copyright, making you open to litigation. The owner of the file could utilize DMCA law to have your site shut down and your information given for use in legal proceedings. How can I test to see if my image can be hotlinked? Use our URL hotlink checker below to check the hotlinking protection (such as an htaccess file) on your web site. Enter the complete URL below (ex: http://mysite.com/image.jpg) to see if your image can be loaded and hotlinked by an outside server. Click to go to the Resource & Test Page ****************************************** ****************************************** ****************************************** Following text may not be an ultra professional experience but i've been using these techniques for 2 years and they are working great for me. I've been running two dedicated servers and i've full control over them (my .htaccess file lines included in my httpd.conf file). If your hosting is shared and got some restrictions to use .htaccess files on your account, you should contact your hosting company first to enable them. Notice: .htaccess files can only be used by Apache web servers and they will not work on a windows system. Hotlink Protection Enabled .htaccess File Tutorial -Create a new TXT file named *'sample.htaccess' and open it with your text editor (NotePad). *Windows users won't be able to create it as '.htaccess' so you have to rename 'sample.htaccess' to '.htaccess' after it's been uploaded to your server. -Copy and paste the following lines to 'sample.htaccess' file: Quote:
-Upload 'sample.htaccess' file to your web server's root and rename it to '.htaccess'. Read the following text to figure out how to customize your own .htaccess file. RewriteCond %{HTTP_REFERER} !^$ = Allow direct requests (ie. entering the url to an image in your browser). People can't publish your image files at their own web pages but they still can view them by entering their url in the browser window. These images can also be viewed (shared) by clicking on their urls in Instant Messenger windows. [NC] = "No Case", meaning match the url regardless of being in upper or lower case letters. [R] = Redirect *(jpg|jpeg|gif|png|bmp|swf) = Files to block I used to redirect blocked files to a custom .jpe image file. If you prefer this option, you should use the following .htaccess file: Quote:
My .htaccess file: Quote:
First piece of lines got RewriteCond %{HTTP_REFERER} !^$ line as i don't want people to be able to access those kind of files directly. (The protection for the image files doesn't have that line) If you don't want a redirection for (mp3|mpeg|mpg|ram|rm|wma|wav|asx|wmv|avi|mov|zip|r ar|exe), you can use replace that line with the following display your Error Code 404 page: Quote:
.htaccess files effect the folder it's in and all of the subfolders. If you want to exclude a subfolder from the hotlink protection, create another .htaccess file with the lines below and upload it to that directory: Quote:
Feel free to reply this thread if i made some mistakes This tutorial is written by NeutralizeR @ MsXLabs Organization |
#42
|
|||
|
|||
I suggest you to use only one version of your domain with 301 redirect. That way it won't act like two different web sites (bandwidth issue) and hotlink protection'll perfectly work.
|
#43
|
||||
|
||||
Quote:
Which would you prefer then, to use "www" and set the 301 redirect for the name witho out hte "www"? How would I setup a 301 redirect for the one I am not going to use? |
#44
|
|||
|
|||
Code:
RewriteEngine on RewriteCond %{HTTP_REFERER} !^http://www.mysite.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mysite.com$ [NC] RewriteCond %{HTTP_REFERER} !^http://mysite.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://mysite.com$ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule .*\.(jpg|jpeg|gif|png|bmp|swf|mp3|mpeg|mpg|ram|rm|wma|wav|asx|wmv|avi|mov|zip|rar|exe)$ http://www.mysite.com [NC,R,L] Code:
RewriteCond %{HTTP_REFERER} !^http://.*mysite\.com.*$ [NC] |
#45
|
|||
|
|||
Neutralizer.
thanks for the support. In my vbulletin configuration i have setup that guests are allowed to vew attachments and i want to keep it that way, and my question is how should i configure the rewrite rule to only limit the access to attachment.php First i tried with: PHP Code:
Then i tried with: PHP Code:
thanks again. |
#46
|
|||
|
|||
Thanks but I found a better way to prevent hotlinking. From here.
http://perishablepress.com/creating-...king-strategy/ Code:
############################### # ultimate hotlink protection # ############################### # disable directory browsing # uncomment this option to protect access to directories # Options -Indexes # enable the following of symlinks # uncomment this option if hotlink protection fails to work # Options +FollowSymLinks # verify presence of mod rewrite <IfModule mod_rewrite.c> # enable the rewrite engine RewriteEngine on # check that file exists RewriteCond %{REQUEST_FILENAME} -f # check for requested file types # include additional file types here RewriteCond %{REQUEST_FILENAME} \.(gif|jpe?g?|png)$ [NC] # allow blank referrer requests RewriteCond %{HTTP_REFERER} !^$ # allow all requests from your domain # edit the domain to match your own RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?domain\. [NC] # allow all requests from your ip address # edit the ip address to match your own RewriteCond %{HTTP_REFERER} !^https?://123\.123\.123\.123(.*)$ [NC] # additional site access # include additional sites here replace domain names and or # remove unnecessary lines or add new lines for more sites RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?domain_01\. [NC] RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?domain_02\. [NC] RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?domain_03\. [NC] # search engine access # include or remove search engines feed readers and other sites RewriteCond %{HTTP_REFERER} !search\?q=cache [NC] RewriteCond %{HTTP_REFERER} !google\. [NC] RewriteCond %{HTTP_REFERER} !yahoo\. [NC] # allow access to all requests for your anti hotlink image # to serve an image instead of delivering a 403 error # uncomment the next line and edit the path and file name # RewriteCond %{REQUEST_URI} !^/hotlink\.jpg$ [NC] # deliver the hotlink image for all requests for the listed files # protect additional file types by editing the list below # if you are serving a file instead of a 403 # uncomment the next line and edit the path and file name # RewriteRule \.(gif|jpe?g?|png)$ http://domain.tld/hotlink.jpg [R,NC,L] # return a 403 error when any of the following file types is requested # you can protect additional file types by editing the list below RewriteRule \.(gif|jpe?g?|png)$ - [F,NC,L] # close the module container </ifModule> |
2 благодарности(ей) от: | ||
smimosmile, TheLastSuperman |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|