Disable Hot-Linking of images and other files
A hot-linking is when some other site uses images hosted on yours. For example a.com has some pretty nice images. Then b.com decides that instead of hosting these images on their server, they can just link from their pages to the images hosted on site a.com.
Hot-linking usually is bandwidth and of course content stealing. The b.com site will not pay for the traffic used as the image is being loaded from site a.com.
So it is a good practice to prevent images hot-linking:
You can prevent the hot-linking of your images by creating a .htaccess file with the following content:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?your-domain.com/.*$ [NC]
RewriteRule \.(gif|jpe?g|png)$ - [F]
The above code will result in a broken image to be displayed when it is hot-linked.
The example above works for .gif,.jpg and .png files, but you can add any file extension.
If you place the .htaccess file in the main folder of your site it will disable hotlinking for all your site.
To block other type of files, just add their extension to the list above. For example to block movie files:
RewriteRule \.(mov|avi|wmv|mpe?g)$ - [F]
The Hot-Linking prevention is based on an Apache module called ModRewrite. So your web host should support it in order for you to be able to use these on your site.
We will be discussing ModRewrite in a separate topic.
- How to block users from accessing your site based on their IP address
- How to prevent or allow directory listing?
- How to change the error documents – 404 Page Not Found, etc
- Using .htaccess for password protecting your folders
- Using .htaccess to block referrer spam
- Disable Hot-Linking of images and other files
- Redirect URLs using .htaccess
- Introduction to mod_rewrite and some basic examples
- Force SSL/https using .htaccess and mod_rewrite
- 301 Permanent redirects for parked domain names
- Enable CGI, SSI with .htaccess
- How to add Mime-Types using .htaccess
- Change default directory page
- Block Bad robots, spiders, crawlers and harvesters
- Make PHP to work in your HTML files with .htacess
- Change PHP variables using .htaccess
- HTTP Authentication with PHP running as CGI/SuExec
- Force www vs non-www to avoid duplicate content on Google
- Duplicate content fix index.html vs / (slash only)
Comments 4 >>
_____________________________________________
SetEnvIfNoCase Referer "^http://www.one.com/" locally_linked=1
SetEnvIfNoCase Referer "^http://www.one.com$" locally_linked=1
SetEnvIfNoCase Referer "^http://one.com/" locally_linked=1
SetEnvIfNoCase Referer "^http://one$" locally_linked=1
SetEnvIfNoCase Referer "^http://www.two.one.com/" locally_linked=1
SetEnvIfNoCase Referer "^http://www.two.one.com$" locally_linked=1
SetEnvIfNoCase Referer "^http://two.one.com/" locally_linked=1
SetEnvIfNoCase Referer "^http://two.one.com$" locally_linked=1
SetEnvIfNoCase Referer "^$" locally_linked=1
Order Allow,Deny
Allow from env=locally_linked
______________________________________________________________________________
Thanks
so it should be:
SetEnvIfNoCase Referer "^http://www\.one\.com/" locally_linked=1
SetEnvIfNoCase Referer "^http://www\.one\.com$" locally_linked=1
etc...
| Previous: Using .htaccess to block referrer spam | Next: Redirect URLs using .htaccess |
How would you write the above if you wanted to block everyone but Google and have the result be a replacement image?