TCH-JimE Posted July 2, 2003 Posted July 2, 2003 Hi, I thought I would write this hotlinking topic guide in order to help those who may wish to play with there HTACCESS file. Warning Editing your HTACCESS file is extremely hazardous, and could stop you and anyone else accessing it. Always make sure that if editing it, you have a multiple window open with the old untouched HTACCESS file present so you can click "save" and save yourself! What is Hotlinking? Hot linking is for example where I own www.mysite.com and I have a picture of a flower I took. Now some happy client on www.evilsite.com thinks "ooh, nice flower, I will link to it and display it on my website". Thus, your picture is now being linked, legally, to another site where its being displayed Why should this bother me?? Well for a number of reasons, but most importantly, because its taking up your bandwidth. Each time that picture is looked at, the total size of your picture is being added to your bandwidth. That means that say my picture of the flower is 30K and www.evilsite.com has 1000 people looking at this picture, thats 30 x 1000 = 30,000 = 30 megs of my own bandwidth!!!!!! And we all know how precious bandwidth is! What can I do about this? Turn on hotlinking protection in CPANEL. Its relatively straight forward to do and will (hopefully) stop people from hotlinking. Its not working / I want more control / I want to be able to manually do it so I know whats going on Ok then, its simple enough to do, but make sure you have that back-up window open! (Side note, I always work in notepad first, and whilst I know there are other ways to do this, keeping it simple and nicely laid out is the way to do it) Right, if if I have mysite.com, and I want to stop all pictures being taken, this is what I need to have in my htaccess file: >RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://mywebsite.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://mywebsite.com [NC] RewriteCond %{HTTP_REFERER} !^http://www.mywebsite.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mywebsite.com [NC] #RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC] What does all that jargon mean? Please explain! OK, here goes: RewriteEngine This is a server command saying to re-write something, in this case (overall) to stop images going missing Rewritecond This command searches the string (string is where you put Http://www. or www.) and trys to match anything after it Using ! and $ and ^ The ! means "not", so anything with the proceeding address is fine and not to be rewritten. $ and ^ are used in the string searching. ^ at the start and $ at the end www.mywebsite.com The url which you want to ALLOW (Remember that whilst your telling it to rewrite and stop images, the ! symbol says don't re-write so its like a double negative) NC Means to ignore the namecase, so it searches for both caps and lower case. Rewrite This tells the server what to do if its finding a string which is not in the list above and matches the string. In the case above, looks for anything with JPG or GIF etc If it finds something which has passed all the rewrites above (aka not matched) then it proceeds to do something. [F] In the case above, F = forbidden, aka not allowed. The NC is again in there to stop JPG and jpg being different. .(jpg|jpeg|gif|png|bmp) These are the files I want to stop. They could be anything from mp3 to php Right, I think I understand, but why the 4 lines for just one domain name? There is a shorter way, but then if there is a problem, its more complex to untangle. Here with four lines, I can see instantly if I have a problem and if something is not working and why its not working Ah ok. What happens if I have subdomains? Not a problem, just continue the same principles as above, just remember to add it before the Rewrite bit! E.g. I have a subdomain called gallery: >RewriteCond %{HTTP_REFERER} !^http://gallery.mywebsite.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://gallery.mywebsite.com [NC] hence my entire code would look like: >RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://mywebsite.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://mywebsite.com [NC] RewriteCond %{HTTP_REFERER} !^http://www.mywebsite.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mywebsite.com [NC] RewriteCond %{HTTP_REFERER} !^http://gallery.mywebsite.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://gallery.mywebsite.com [NC] #RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC] Ok, what about if I want to allow say a forum to display a picture? Not a problem, just put in a line or two lines of coding, depending on the domain! e.g. I want to allow totalchoicehosting forums to allow to hotlink too? (I want to show my flower picture off to everyone!) I would just add the line: >RewriteCond %{HTTP_REFERER} !^http://www.totalchoicehosting.com/forums [NC] I've seen shorter more complex hot link protections about. Why is this so long for? Short and complex is fine if you I) 100% understand it and II) It does not go wrong. Often laying something out simply whilst may take 5 minutes first time around, saves you so much time in the future. Arrrg, help, its all gone wrong, I forgot to have a second window open and I can't do or see anything. Now what??? Not to worry, please submit a help ticket and wait for us to fix it. Well thats the end of my 1st possible help topic, please let me know if its any good or just rubbish!
Virtual Imager Posted July 7, 2003 Posted July 7, 2003 Jim, I like your style! Not only is it not rubbish... it's also not jibberish. You Brits really know how to speak the language. Seriously, as a technically challenged "newbie," I appreciate the clear, concise instructions and the way you anticipate questions and answer them. I hope you'll address more help topics in the same way. I do have one (possibly stupid) question though.... if I have hotlinking protection turned on in Cpanel, how would I know if it were not working (Q&A #4)? Thank you.... Virtual Imager
TCH-JimE Posted July 7, 2003 Author Posted July 7, 2003 Hi, Several options: 1) Have a 2nd space which is not on your allow list, this could be a free webspace with ads like tripod or geocities, or in my case, about 30 different work servers. Upload a test page calling a graphic from your website, it should come up with a red X if hotlinking is working. Note, try and make sure its a fresh image that you have not yet seen in the browser, otherwise you may find that your web browser is using the cache of old websites you have visited and displaying the link. 2) Put a # infront of the Totalchoice web hosting line. Now try and post an image in the forums here. Again, needs to be a fresh image but it should not show. If you have any more questions, please do feel free to ask! Thanks Jim
SEO Posted July 8, 2003 Posted July 8, 2003 Great post Jim! A couple of comments. I recommend (complements to Rick) creating an image that simple has the text 'Remote Linking Forbidden' or something to that affect and save it as an unused file type (e.g. hotlink.png). Then do not include that file type (e.g. .png) in the RewriteRule: >#RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC] Then you can enter a redirect to that file (e.g. http://www.yoururl.com/hotlink.png) In addition, it is common that certain FTP programs do not 'show' the .htaccess file. You can always view or edit it via the cPanel's file manager. One last warning.... you must always upload a .htaccess file in ASCII .... if I have hotlinking protection turned on in Cpanel, how would I know if it were not working If your site is indexed by Google, then your images will be indexed as well... thus you can test hotlinking at Google Images
Recommended Posts