After a little playing around, I have come up with this bit of code that you can stick in your httpd.conf file for protecting yourself from people linking to avatars and attachments from other servers.

Unfortunately, it requires both PHP as an Apache module, and mod_rewrite compiled in. However, it will save any calls to those PHP scripts, so very little processor overhead.

The best way to demonstrate it is with an example for this server:

<directory /www/sites/vbforums.com/htdocs>
<files avatar.php>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://vbforums.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.vbforums.com [NC]
RewriteCond %{HTTP_REFERER} !^http://161\.58\.186\.97 [NC]
RewriteRule avatar.php [F]
</files>
<files attachment.php>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://vbforums.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.vbforums.com [NC]
RewriteCond %{HTTP_REFERER} !^http://161\.58\.186\.97 [NC]
RewriteRule attachment.php [F]
</files>
</directory>


You will have to change the path (within the directory tag) and also the URLs that you want to allow - this particular setup will allow vbforums.com www.vbforums.com or the IP address 161.58.186.97 .

It is turned on here, so please feel free to test it out.

John

Is there any way of having something like this for use with IIS?

Argh!!!!! I've just spent the morning searching lots of apache sites trying to find an example of this! Oh well...

I have use this in my .htaccess for my http://utassault.monsterkill.net domain:


# Rewrite Rule for images
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://utassault.monsterkill.net.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://utassault.monsterkill.net.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ - [F]


Afaik, it will only stop gif and jpegs - couldn't I just add php to the rewrite rule..?


RewriteRule .*\.(gif|GIF|jpg|JPG|php|PHP)$ - [F]

Is there anyway to do this through a .htaccess file, especially if you're on a shared server.

Originally posted by Jez
Is there anyway to do this through a .htaccess file, especially if you're on a shared server.

Yes, this is the .htaccess file method. Stick the above into your .htaccess file and make sure you change both the URL's to reflect your site.

can we use this also to change these:

http://domain.com/.*
http://www.domain.net/.*
http://domain.net/.*

to:

http://www.domain.com/.*


to resolve cookie-problems if the borad can be reached through different domains ?

Hi, I'm a sig virus. Please add me to the end of your sig and help me take over the world hehe ~ funny :)

testing http://www.chins-n-quills.com/forums/avatar.php/userid=1578

Couldnt you put somethign in avatar.php and attachment.php like this:
if($referer != http://forums.mysite.com) {
echo"NO OFF SITE LINKING!";
}
or something along those lines,i only know perl,not PHP.

Not all servers support HTTP_REFERER

Not many servers supoort mod_rewrite either ;)

This is a good tip...

A few weeks back, I had a problem with my vB DB going offline for some server work and I started receiving literally HUNDREDS and HUNDREDS of those vBulletin error e-mails within a few hours. The culprit was some sleazy ezboard site was linking to an avatar on my boards. Every post that guy made was linking to my server and since it was down, I would receive an e-mail every time it was viewed.

So I think implementing this tip would really be a good thing, however, I'm a little unclear on what to do. How do I edit my .htaccess file? In the past, I have let my host support make the appropriate modifications.

Do I just copy John's code and paste it into the .htaccess and modify the URLs to fit my server?

John,does your code above only works for avatars and attachments? What about other images (icons, smilies, buttons, etc)?

Also, I don't quite understand what should be included in the paths. Between the directory tags should I put the path where htdocs resides? And what about the other paths (where you have vbforum.com, www.vbforum.com, ...)? Are those the allowable paths that other users can access?

I already use this version to protect gif and jpg files just put this in the .htaccess file.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://your_domain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.your_domain.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ http://your_domain.com/bad.gif [R]

the image will then not produce a broken image but redirect them to bad.gif which can be anything from a simple msg saying don't link or a advert for your site.

If you want to stop them from linking to attachment.php and avatar.php and redirect them to another page then i believe this should work.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://your_domain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.your_domain.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ http://your_domain.com/bad.gif [R]
RewriteRule attachment.php http://your_domain.com/link.html [R]
RewriteRule avatar.php http://your_domain.com/link.html [R]

my understanding of the mod_rewrite flags arse as follows
[R] flag is redirect
[F] flag is forbidden
[NC] flag is No Case

I can't seem to prevent hot linking to my attachments. I wrote this in .htaccess in the forum directory:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://my_domain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my_domain.com/.*$ [NC]
RewriteRule attachment.php - [R]


But it doesn't work. Can anyone give me some help?

RewriteRule attachment.php - [R]

has the r flag which indicated a redirect change it to [F]

To do it with .htaccess you must be using the hack that allows you to store avatars as files, then you just protect the directory where the avatars are stored with .htaccess :)

No I'm not talking about avatars. I'm talking about attachments.

Changed [R] to [F]. Still won't work.

Still trying to figure out why I can't prevent hot linking to my attachments using .htaccess.....

can someone enlighten me?:confused:

I just put this into my forums .htaccess - it seems to work :)

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://mtb-news.de [NC]
RewriteCond %{HTTP_REFERER} !^http://www.mtb-news.de [NC]
RewriteCond %{HTTP_REFERER} !^http://www.mtbr.de [NC]
RewriteCond %{HTTP_REFERER} !^http://forum.mtb-news.de [NC]
RewriteRule avatar.php [F]


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://mtb-news.de [NC]
RewriteCond %{HTTP_REFERER} !^http://www.mtb-news.de [NC]
RewriteCond %{HTTP_REFERER} !^http://www.mtbr.de [NC]
RewriteCond %{HTTP_REFERER} !^http://forum.mtb-news.de [NC]
RewriteRule attachment.php [F]

attachment is not displayed anymore :)
http://f11.parsimony.net/forum16448/messages/31133.htm

testing
http://www.nutndun.com/zr-7/avatar.php?userid=27&dateline=1002507276

http://www.nutndun.com/zr-7/avatar.php?userid=12&dateline=1002555572

http://www.nutndun.com/amdlogo.jpg

Can someone help me out with being able to get my no linking image to display instead of the red x's.
Here is what I have for the rewrite directive;

<Directory "C:/Apache/htdocs">
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://nutndun.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.nutndun.com/.*$ [NC]
RewriteRule .*\.gif|GIF|jpg|JPG$ http://www.nutndun.com/bad.jpg [R]
<files avatar.php>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://nutndun.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.nutndun.com [NC]
RewriteRule avatar.php [F]
</files>
<files attachment.php>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://nutndun.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.nutndun.com [NC]
RewriteRule attachment.php [F]
</files>
</Directory>

Thanks for any help

I would love to do this hack in .htaccess has it been figured out what to do yet and which procedure works? Thanks!

So what's the final thinking on this?

NUTNDUN - seems you got yours working. Is what you posted the final entry into your .htaccess?

This is a great tip, one I'd love to implement.

Here is what I have in my config file
<IfModule mod_rewrite.c>
<files avatar.php>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://itcommunitycorner.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.itcommunitycorner.com [NC]
RewriteRule avatar.php http://www.nutndun.com/link.htm [R]
</files>
<files attachment.php>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://itcommunitycorner.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.itcommunitycorner.com [NC]
RewriteRule attachment.php http://www.nutndun.com/link.htm [R]
</files>
</IfModule>

I never could get it to work with all gifs and jpgs, if anyone can fill us in I would love to know how. The reason the one image is x'ed out is because it is no longer on the server.
Here is what I get id I try to link my avatar now from my site,
http://www.itcommunitycorner.com/forums/avatar.php?userid=1&dateline=1008713802
^ that is with the [ img ] tags to show the image directly as you can see it doesn't work the way I want it too. :(

I did a little more playing around, this is just a test, if it works I will post the config,

http://www.itcommunitycorner.com/forums/themes/newstyle/sendpm.gif

Cool it works now, I think part of my problem is that I had the avatar images in cache so it automatically showed em. Anyway here is my config ( I have this in my http.config file since I don't use any htaccess files)

<IfModule mod_rewrite.c>
<Directory "C:/Apache/htdocs/itcommunity/forums">
<files avatar.php>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://itcommunitycorner.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.itcommunitycorner.com [NC]
RewriteRule avatar.php http://www.nutndun.com/link.htm [R]
</files>
<files attachment.php>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://itcommunitycorner.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.itcommunitycorner.com [NC]
RewriteRule attachment.php http://www.nutndun.com/link.htm [R]
</files>
</Directory>
</IfModule>

<IfModule mod_rewrite.c>
<Directory "C:/Apache/htdocs/itcommunity">
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://itcommunitycorner.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.itcommunitycorner.com [NC]
RewriteRule .*\.gif|GIF|jpg|JPG$ http://www.nutndun.com/files/bad.gif [R]
</Directory>
</IfModule>

I have added a .htaccess file to my gallery and images folder. I have made it so that it brings up a banner advertising my site.

I was wondering if it is possible to make is so that the banner could add as a link back to my site - thus turning bandwidth steeling into full on advertising.

Ya........

Hey Mike Warner could you give me the code you put in those directories

RewriteEngine On

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com.* [NC]
RewriteCond %{HTTP_REFERER} !^http://yourdomain.com.* [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ http://www.yourdomain.com/bad.gif [R]

==========
You save the file as .htaccess in the folder you want it to protect and you must also chmod the folder - can remember what setting - 777 will do it though.

Anyone know how to make the image a hyperlink?

hmm testing!

http://www.ochroma.net/forum/images/avatars/kalendra.jpg

http://www.ppnforums.splashhost.com/attachment.php?s=&postid=84030

test

I dont know how old this thread is.. but i wanted to try mine out.........

http://allforums.net/forum/images/vBulletin_logo.gif

http://www.theforumz.com/forumz/attachment.php?s=&postid=53748

http://www.theforumz.com/forumz/attachment.php?s=&postid=53748

http://www.theforumz.com/forumz/avatar.php?userid=1&dateline=1008714866

Sorry to tell you guys, but none of these work. Is all I have to do is right click and copy url and put it in the url field of my browser and I see the pic without viewing your site or going to it.

Nice try, but this will only stop the most stupid users. :( :mad:

Originally posted by Gutspiller
Sorry to tell you guys, but none of these work. Is all I have to do is right click and copy url and put it in the url field of my browser and I see the pic without viewing your site or going to it.

Nice try, but this will only stop the most stupid users. :( :mad:

We need to figure out a way to protect them against every, even a screen capture/shot.. Like quicktime :(

Originally posted by LuBi


We need to figure out a way to protect them against every, even a screen capture/shot.. Like quicktime :(

You will have a hard time with screen capturing let along just looking in the cache. There are a few tricks I know of where you set the tables background to be the background of the table and then you have a transparent 1 x 1 gif infront stretched to the same size as the picture.

When they right click and try to save the image, they save the 1 x 1 transparent gif. :D

See thats the good stuff I'm talking about. We need to get our heads together! :D

Anyone can download pictures, or press print screen to copy them, the point is to keep people from using your bandwidth on their sites. If they put any of these pictures on here they will get that error, the reason you can manually type it in is because when you refresh the referrer was your site's error message! So your site was acessed, then it gives permission: basically there is almost no way to use the pics on another domain.. Its virtually impossible to stop someone from just downloading a pic and using it... Except a lawsuit :)

I would like to test this as well...

http://www.ls1.com/forums/images/smilies/beerchug.gif

http://www.ls1.com/forums/images/smilies/beerchug.gif

It's bad enough when you try to protect the images from your own site, now ya gotta protect your own no linking images as well. Not that my no offsite linking images was anything to be proud of but dam doesn't anyone have any creativeness to them at all? BTW, thanks for not asking to use that image!

Originally posted by NUTNDUN
It's bad enough when you try to protect the images from your own site, now ya gotta protect your own no linking images as well. Not that my no offsite linking images was anything to be proud of but dam doesn't anyone have any creativeness to them at all? BTW, thanks for not asking to use that image! Please accept my apologies.:( I meant no harm.

Actually I don't mind the offsite image, in a way it is kinda funny. Mod_rewrite is a very usefule and aggrivating tool but when you do get it to work it is pretty justifying also. I accept your apologies and you can use that one if you want, I just felt it was weird seeing this in this sort of post.

I take it that Ventures Online does NOT allow the mod rewrite stuff?

Any good .htaccess suggestions for them or am I just doing something wrong?

I am with VO - I use .htacess with great success. Just use one of the examples for .htacess in this thread. They all work. :)

testing...

http://www.talkbass.com/forum/avatar.php?userid=21531&dateline=1015211388

testing....

http://forums.cgshock.com/images/logo.gif

I have enabled mod_rewrite.so in my httpd.conf. Now, when i restart apache it won't and says:

Cannot load /usr/local/apache/libexec/mod_rewrite.so into server: undefined symbol: dbm_fetch

the module is in the given path. Anyone has an idea? thanx :)

Big Problem...

Is there a way to do this in IIS?
Another problem:

I want that my zip files to be downloaded ONLY if the referer is my site. If the referer is not my site, the index will apear !

Originally posted by AlexD
I have enabled mod_rewrite.so in my httpd.conf. Now, when i restart apache it won't and says:

Cannot load /usr/local/apache/libexec/mod_rewrite.so into server: undefined symbol: dbm_fetch

the module is in the given path. Anyone has an idea? thanx :)

If you can't get mod_rewrite working, you could use <FilesMatch> in conjunction with a 403 error document. This example protects attachments from being linked offsite:

<FilesMatch "attachment\.php">
ErrorDocument 403 http://mydomain.com/sorry.gif
SetEnvIf Referer "^http://www\.mydomain\.com" good_referal
SetEnvIf Referer "^http://mydomain\.com" good_referal
SetEnvIf Referer "^$" good_referal

Order Deny,Allow
Deny from all
Allow from env=good_referal
</FilesMatch>

I'm trying this, but my problem is that when I implement the .htaccess code, none of my graphics show up when accessing the forum through normal means?

Here's my code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.mysite.org/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://mysite.org/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://my.ip.number/.*$ [NC]

RewriteRule .*\.(gif|GIF|jpg|JPG)$ - [F] I've placed the .htaccess file in my mysite-www/images directory.

Is there some other text that should be in the .htaccess file? I've seen different versions of this code with other text, (such as the <directory /www/sites/vbforums.com/htdocs>) and I've seen the code without it.

Why isn't the code interpreting my own domain, allowing my graphics to be displayed within the forum?

Pam,

I am having the same trouble. I am implementing this and NO images ON my site will show even from our own site... hmmm.

Mike

Hey Pam,

try putting this in your htaccess file,

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://yoursite.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.yoursite.com [NC]
RewriteRule .*\.gif|GIF|jpg|JPG$ http://www.yoursite.com/bad.gif [R]
</IfModule>

And make a quick little image that pertains to no offsite linking and see if that works.

Thank you so much -- but that didn't work either! I can't get an answer from my host either, why this isn't working. :rolleyes:

who is your host and do they allow htaccess files and do they even have mod_rewrite on the server?

I'm with 5dollarhosting.com which uses Alabanza. .htaccess files must be allowed, because when I implement it, it won't bring up my images when I bring the page up from the host, as well as outside the domain. I'm just doing something wrong, or there is some weird parameter set or something.

I got an Internal Server Error:

<directory /rodzilla/public_html/forums>
<files avatar.php>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://forums.seriouscommunity.com [NC]
RewriteCond %{HTTP_REFERER} !^http://66\.28\.77\.211 [NC]
RewriteCond %{HTTP_REFERER} !^http://www.forums.seriouscommunity.com [NC]
RewriteRule avatar.php [F]
</files>
<files attachment.php>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://forums.seriouscommunity.com [NC]
RewriteCond %{HTTP_REFERER} !^http://66\.28\.77\.211 [NC]
RewriteCond %{HTTP_REFERER} !^http://www.forums.seriouscommunity.com [NC]
RewriteRule attachment.php [F]
</files>
</directory>

testing

It's working on my new server, but I have a LITTLE problem..

Now none o my links works from my site :(

this is the code:



<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://softnews.ro* [NC]
RewriteCond %{HTTP_REFERER} !^http://www.softnews.ro* [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG|png|PNG)$ http://www.softnews.ro/Imag/nolinking.png [R]
RewriteRule .*\.(zip|ZIP|rar|RAR|exe|EXE)$ http://www.softnews.ro/public/html/nolinking.shtml [R]
</IfModule>


Is working too well :@

http://forums.zforcenetwork.com/avatar.php?userid=22&dateline=1026494310
http://forums.zforcenetwork.com/attachment.php?s=&postid=3980

http://www.golden-springs.com/site_images/clients/pam3.jpg

http://www.golden-springs.com/forums/attachment.php?s=&postid=2072

I cannot get these to work with .htacess my host is ventures online, they said mod_rewrites are on.

People can still hotlink avatars, I dont care about attachments cause i have no guest access

can someone with ventures please help me out with the code.

thanks

http://testvb.prop-planet.com/attachment.php?s=&postid=19

Originally posted by Scott MacVicar
I already use this version to protect gif and jpg files just put this in the .htaccess file.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://your_domain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.your_domain.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ http://your_domain.com/bad.gif [R]

the image will then not produce a broken image but redirect them to bad.gif which can be anything from a simple msg saying don't link or a advert for your site.

I'm trying the above with no luck... I keep getting a broken image anyone else had the same problem??

this works 100%



RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://XXX.XXX.XXX.XXX.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://domain.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.domain.com.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG|png|PNG|jpe|JPE|jpeg|JPEG|bmp |BMP|php|PHP)$ http://www.domain.com/bandwidth.gif [R,L]



replace XXX.XXX.XXX.XXX with the IP of your domain

replace domain.com with your domain.com name

replace www.domain.com (http://www.domain.com) with your www.domain.com (http://www.domain.com)

replace http://www.domain.com/bandwidth.gif with a link to your image you want show instead

save as .htaccess

try

What do you do when your host deletes your .htaccess & .htpasswd files?
:eek: :confused: :mad:

Originally posted by vBR
What do you do when your host deletes your .htaccess & .htpasswd files?
:eek: :confused: :mad: I'd probably change hosts. What rationale did they give you for doing this?

Originally posted by Steve Machol
I'd probably change hosts. What rationale did they give you for doing this? None as yet.
I e-mailed them for support in fixing errors I was getting.
That was about 3hs ago.
I was logged in to my FTP at the time so I noticed the files were deleted pretty quickly but no explanation.
They're usually good with their turnaround times, but lately...
I just don't know what's up.

:D Big Grins All Round.
It looks like was talking a total load of dung there.
I just jumped to the wrong conclusion when I could not find the files in my FTP client.
Apparently it just does not show me hidden files and I am happy with that.

Originally posted by reloadnet
I'm trying the above with no luck... I keep getting a broken image anyone else had the same problem??
Yep. Same here.
Still. A broken image is better than a hot-linked image.

Originally posted by vBR
Yep. Same here.
Still. A broken image is better than a hot-linked image.
http://www.teckwizards.com/forum/showthread.php?s=&threadid=808

Originally posted by vBR
What do you do when your host deletes your .htaccess & .htpasswd files?
:eek: :confused: :mad: Use a good ftp client, the files are hidden, not deleted.

if your ftp client has an option for "remote file mask" add the following:
-a

works with ws_ftp LE

Use a good ftp client, the files are hidden, not deleted.

if you have cPanel you can access/edit/save it using file manager.. Just remember though if you later set anything up like redirects, cpanel will delete your custom add in's so be sure to copy themn first then paste them back after.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://tidewaterracing.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tidewaterracing.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ - [F]


I put that in a folder that has pics for my forum. Now I my board gets Xs too for images hosted in the folder with the .htaccess file. Help!

I have problems with google's cache :@

See: http://216.239.57.104/search?q=cache:baVUiu0A-kgJ:www.softnews.ro/forum/forumdisplay.php%3Fs%3D%26forumid%3D28+softnews+fo rum+archive&hl=en&ie=UTF-8

What shoul I put in my hta ?

Not it lookslike this:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://216\.239\.57\.104 [NC]
RewriteCond %{HTTP_REFERER} !^http://web.archive.org [NC]
RewriteCond %{HTTP_REFERER} !^http://new.softnews.ro [NC]
RewriteCond %{HTTP_REFERER} !^http://news.softnews.ro [NC]
RewriteCond %{HTTP_REFERER} !^http://subtitrari.softnews.ro [NC]
RewriteCond %{HTTP_REFERER} !^http://download.softnews.ro [NC]
RewriteCond %{HTTP_REFERER} !^http://download.drivernews.ro [NC]
RewriteCond %{HTTP_REFERER} !^http://download.gamenews.ro [NC]
RewriteCond %{HTTP_REFERER} !^http://winshell.softnews.ro [NC]
RewriteCond %{HTTP_REFERER} !^http://vstef.softnews.ro [NC]
RewriteRule .*\.gif|GIF|jpg|JPG|png|PNG|swf|SWF$ http://www.medicinainterna.ro/Imag/nolinking.png [R]
RewriteRule .*\.zip|ZIP|rar|RAR|exe|EXE$ http://www.softnews.ro/public/html/nolinking.shtml [R]

I use Ensim, and the following works for me for both .jpg and .gif:)

Options FollowSymLinks

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://darkblazes.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.darkblazes.com/.*$ [NC]
RewriteRule .*\.jpg$ - [G]

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://darkblazes.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.darkblazes.com/.*$ [NC]
RewriteRule .*\.gif$ - [G]
:)

Satan

I use Ensim also.

Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.|archives\.)?macusers\.(org|net)(.*)$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?vbulletin\.(com|org)(.*)$ [NC]
RewriteRule (.*)\.(gif|jpe?g|png|bmp)$ http://www.macusers.org/hotlink.jpg [R,NC]

Hello
Any idea for zip files?

If you want to stop them from linking to attachment.php and avatar.php and redirect them to another page then i believe this should work.RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://your_domain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.your_domain.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ http://your_domain.com/bad.gif [R]
RewriteRule attachment.php http://your_domain.com/link.html [R]
RewriteRule avatar.php http://your_domain.com/link.html [R]my understanding of the mod_rewrite flags arse as follows
[R] flag is redirect
[F] flag is forbidden
[NC] flag is No Case

I did a CHMOD to the /forums folder and made a .htaccess file and uploaded. It had the code listed above. I then denied all access to my forum. Help!

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://tidewaterracing.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tidewaterracing.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ http://tidewaterracing.com/bad.gif [R]
RewriteRule attachment.php http://tidewaterracing.com/link.html [R]
RewriteRule avatar.php http://tidewaterracing.com/link.html [R]

Thats the code I am using its not working

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://tidewaterracing.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.tidewaterracing.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ - [F]

I put that in a folder that has pics for my forum. Now I my board gets Xs too for images hosted in the folder with the .htaccess file. Help!

Can someone please help!?

Hmm.. i get an error 403 on all pages every time i start this Mod Rewrite Rules. Any idea what to do ?

http://www.pocketbikeworld.com/avatar.jpgtest

Here is my .htaccess file:

deny from 192.132.24.81

# Rewrite Rule for images
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.quadraphonicquad.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.quadraphonicquad.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ - [F]


It does not seem to work either!

Is there something else that I have to do, or is there something wrong in the above file?

THANKS

this works 100%



RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://XXX.XXX.XXX.XXX.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://domain.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.domain.com.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG|png|PNG|jpe|JPE|jpeg|JPEG|bmp |BMP|php|PHP)$ http://www.domain.com/bandwidth.gif [R,L]



replace XXX.XXX.XXX.XXX with the IP of your domain

replace domain.com with your domain.com name

replace www.domain.com (http://www.domain.com) with your www.domain.com (http://www.domain.com)

replace http://www.domain.com/bandwidth.gif with a link to your image you want show instead

save as .htaccess

YOU ARE THE MAN!!

This works perfectly! Thanks!!

:-jon

Well, it worked yesterday!

Now, it seems to be blocking all access to the images, even in my own forum. I know someone asked this previously, but it was not answered.

How can I keep these images so they are still available to my board.

Anyone? Please?

THANKS

Just a minor dedicated server tip:

If you set this:

AllowOverride none

to stop your server from looking for .htaccess, and use httpd.conf to do your rewrite instead, it actually reduces the server load and speed up connections slightly. :)

Have just implemented the rewriterules to v3 Gamma. The old rules will not work if you had them when using v2.xx. The file names have been changed.

Notes:

I use .htaccess (please make sure you have "Options FollowSymLinks" and "AllowOverride Options FileInfo" in the httpd.conf, or .htaccess does not work!)

I use ".*" (. means any character, * means 0 or more of that characters.) infront of the mydomain to catch both www.mydomain.com , mydomain.com, forums.mydomain.com etc
There is no need to have more lines, it only slows the server down.

It does not work if you stack more than one RewriteRule after the RewriteCond. That is the case at least for my version of Apache. I have read many posts saying things do not work for them, could be this reason.

One thing I have noticed is Apache goes through the RewriteRule first to see if it is matched, then go back the lines to check whether the RewriteCond matches.

If you want to know how your rewriterules work, you can have them logged. Put these in your httpd.conf or in the Virtual Server area. (not in .htaccess!)

RewriteLog "/var/log/httpd/rewrite.log"
RewriteLogLevel 3

LogLevel can be from 0 (no log, default) to 9 (a lot of logs). Anything over 2 will slow down the server, use over 2 for debugging purpose.


RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://.*mydomain\.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://xxx\.xxx\.xxx\.xxx.*$ [NC]
RewriteRule ^.*\.(gif|jpg|png|jpeg)$ - [NC,F,L]

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://.*mydomain\.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://xxx\.xxx\.xxx\.xxx.*$ [NC]
RewriteCond %{QUERY_STRING} !^.*newattachment\.php.*$
RewriteRule ^(image|attachment)\.php$ - [F,L]


The xxx are the IP address of your server.
Edit: merged image/attachment into one rule.
Edit: Remove trailing "/" from rules for http://www.mydomain.com request
Using "NC" for gif|jpg extensions.

Would you put this in your

mydomain.com
directory or the

mydomain.com/forums/
directory? My site is at the

mydomain.com/forums/
And would you need to add the /forums in the domain in the hta file?

Would you put this in your


directory or the


directory? My site is at the


And would you need to add the /forums in the domain in the hta file?

.htaccess is per directory. So put it in your root of the forums directory.

When you use my rules, you don't need to add "forums", as I have ".*" to match anything starting with the domain name. If you only want the images etc to be used for an url containing /forums/, then change the rules to something like:

!^http://.*mydomain\.com/forums/.*$

.htaccess is per directory. So put it in your root of the forums directory.

When you use my rules, you don't need to add "forums", as I have ".*" to match anything starting with the domain name. If you only want the images etc to be used for an url containing /forums/, then change the rules to something like:

!^http://.*mydomain\.com/forums/.*$
Ok, I think I'm getting it now. I should put the htaccess file in the mydomain.com directory, not the mydomain.com/forums directory, right? And it will cover evrything on my site no matter how deep it goes (like mydomain.com/forums/images/I/think/this/is/right). And if I want vb.com to be able to link to my images, I just add their root domain and they will be able to link but no one else will.

Will this only work for images right now? How could I make it work to stop someone from linking to a post in the jokes forum or something like that? And how can I add tiff, bmp and png files to be blocked also?

I apologize for sounding so ignorant on this, but I'm just starting to work with htaccess files and I have a lot to learn about them.

I also heard something about transferring the htaccess files to the site, that they had to be uploaded a certain way and edited a certain way or they wouldn't work right. Is that true?

You are mixing domain names with the file directories. However you are right about covering all the sub-directories.

This does not protect people linking your threads, don't you want to come and read your jokes thread? If not, you may want to block guest access to the jokes thread. This is to protect other sites hot linking your image files. ie. using your bandwidth to show your image in other web sites. If you want to protect other images types, just add |bmp|png etc to the jpg|gif rule.

.htaccess file is a text file, so upload it using ACSII mode, not binary (may also work).

I was using the jokes forum as an example. :)

Ok, I understand then. Also, how would we add the ability to have it show an image of our choosing if someone hot links (like no-hotlinking.gif)?

Thank you, sir. ;)

I was using the jokes forum as an example. :)

Ok, I understand then. Also, how would we add the ability to have it show an image of our choosing if someone hot links (like no-hotlinking.gif)?

Thank you, sir. ;)

Just replace the "-" with the URL for your no-hotlinking.gif. Also Change "F" (Forbidden) to "R" (Redirect) at the end. ie. [NC,F,L] to [NC,R,L]. There are examples in the beginning of the thread for Redirect type of rules. Bear in mind, your bandwidth will still be used when you redirect, well, until the thief site removes the hotlinks.

I already use this version to protect gif and jpg files just put this in the .htaccess file.

Code
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://your_domain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.your_domain.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ http://your_domain.com/bad.gif [R]

the image will then not produce a broken image but redirect them to bad.gif which can be anything from a simple msg saying don't link or a advert for your site.


:rolleyes: I have a question about this, what if I want to do as above and block all from linking to my site except for a particular off-site? ie: I want to block all other sites from the ability to link to my image files except for say msn.com. Is there a way to write a RewriteRule "exception line" for a particular site when doing .htaccess blocking?

What would the coding for that exception line be? Thanks if anyone can help with this one.

Ok, I have this working for the most part.

If someone tries to use an inline image link to a file on my server, they get the error GIF displayed as expected.

But if they paste the URL into a new browser window, they get the image instead of the error. Test using this URL: http://www.fireblades.org/images/fireblades.gif (Clicking it shows the error. Pasting it into a new browser window shows the image.)


Here's the contents of my .htaccess file. Is there any way to have the error GIF shown when they go straight to the URL of the image, as shown above?

Thanks.


RewriteEngine ON
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://.*fireblades\.org.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://.*hondariders\.org.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://.*cbr929rr\.org.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://.*fireblades\.info.*$ [NC]
RewriteCond %{REQUEST_URI} !^.*leech\.gif$ [NC]
RewriteRule ^.*\.(bmp|gif|jpg|png|jpeg|avi|wmv|mpg|mpeg|wav|mp 3|BMP|GIF|JPG|PNG|JPEG|AVI|WMV|MPG|MPEG|WAV|MP3)$ http://www.fireblades.org/images/leech.gif [R,L]

:rolleyes: I have a question about this, what if I want to do as above and block all from linking to my site except for a particular off-site? ie: I want to block all other sites from the ability to link to my image files except for say msn.com. Is there a way to write a RewriteRule "exception line" for a particular site when doing .htaccess blocking?

What would the coding for that exception line be? Thanks if anyone can help with this one.

The condition lines you have there basically say you object all sites except your own site. So just add your sister site to that list.

Here's the contents of my .htaccess file. Is there any way to have the error GIF shown when they go straight to the URL of the image, as shown above?

Thanks.


(bmp|gif|jpg|png|jpeg|avi|wmv|mpg|mpeg|wav|mp3|BMP |GIF|JPG|PNG|JPEG|AVI|WMV|MPG|MPEG|WAV|MP3)$ http://www.fireblades.org/images/leech.gif [R,L]


What we are trying to do here is to prevent "hot link". To prevent sites stealing your bandwidth without giving credit to your site. If one pastes the URL of an image file from your site, the credit is given I think. It is also possible though to ban the image display by URL if that is what you really want.

There is no need to include gif|GIF etc. Just use the [NC], that will cover both cases. See my example in previous page.

What we are trying to do here is to prevent "hot link". To prevent sites stealing your bandwidth without giving credit to your site. If one pastes the URL of an image file from your site, the credit is given I think. It is also possible though to ban the image display by URL if that is what you really want.

There is no need to include gif|GIF etc. Just use the [NC], that will cover both cases. See my example in previous page.


Thanks for the tip.

Also, while maybe not the original intent of the thread, do you know of any way to accomplish what I requested?

Thanks for the tip.

Also, while maybe not the original intent of the thread, do you know of any way to accomplish what I requested?

RewriteCond %{HTTP_REFERER} !^$

Remove the "!" from above rule should do it. (not tested).

I added the following to my .htaccess file:

> RewriteRule avatar.php - [F]

It worked a little too well, I couldn't even see the images from my site. Any idea what I did wrong???

just a test


http://www.denzoforums.com/forum/attachment.php?attachmentid=37


doesn;t seem to be working..

OK -This is the link to my site.. I get red xx's where the images should be.
http://www.denzoforums.com/forum/showthread.php?t=51

this is my htaccess file
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.denzoforums.com/forum/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.denzoforums.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG)$ http://www.denzoforums.com/bad.gif [R]
RewriteRule attachment.php http://www.denzoforums.com/link.html [R]
RewriteRule avatar.php http://www.denzoforums.com/link.html [R]

anyideas?

I am new to vBulletin, and I'm alarmed by the fact that it's possible for someone to steal my bandwith in this way. Is there any way of completely disabling the use of attachment uploading/downloading? I want to be able to use avatars without worrying about some b**tard stealing my bandwith, but I don't understand anything to do with PHP etc. I'm a complete n00b. When I read this thread, it was just garble to me... can someone take me through the process step by step in layman terms?


:confused: :confused: :confused:

I am new to vBulletin, and I'm alarmed by the fact that it's possible for someone to steal my bandwith in this way. Is there any way of completely disabling the use of attachment uploading/downloading? I want to be able to use avatars without worrying about some b**tard stealing my bandwith, but I don't understand anything to do with PHP etc. I'm a complete n00b. When I read this thread, it was just garble to me... can someone take me through the process step by step in layman terms?
To keep it simple, you can use the options provided within vbulletin to stop outside links from downloading attachments from your forum. In the vb admin, Usergroups/Usergroup Manager... Edit the "Unregistered / Not Logged In" group. Under "Forum Viewing Permissions", set "Can Download Attachments" to "NO". This will prohibit guests and outside links from downloading attachments.

As for the Avatars, I wouldn't worry much about them... Even if someone links from the outside, they tend to be very small in size and have little effect on bandwidth/data-transfer. Images and other files attached to postings tend to be the bigger problem, which the above setting in vb will take care of.

Good luck with your site!

To keep it simple, you can use the options provided within vbulletin to stop outside links from downloading attachments from your forum. In the vb admin, Usergroups/Usergroup Manager... Edit the "Unregistered / Not Logged In" group. Under "Forum Viewing Permissions", set "Can Download Attachments" to "NO". This will prohibit guests and outside links from downloading attachments.

As for the Avatars, I wouldn't worry much about them... Even if someone links from the outside, they tend to be very small in size and have little effect on bandwidth/data-transfer. Images and other files attached to postings tend to be the bigger problem, which the above setting in vb will take care of.

Good luck with your site!
Thank you. But if it's that easy, then how come there are so many posts in this thread asking for code or whatever to stop this sort of thing happening? Also should I apply the settings that you've described to all the usergroups?

I am new to vBulletin, and I'm alarmed by the fact that it's possible for someone to steal my bandwith in this way.
By the way, this is nothing specific to Vbulletin. Bandwidth theft is an issue no matter what program you're using. If you have a website that has photos on it, you're vulnerable to bandwidth theft unless you take measures to prevent it. Running Vbulletin doesn't make you any more at risk.

but i save avatar in file system. Not in database.
How to fix it.

Ok i read all of these posts none seems to work

My attachments are stored as file based

they are all stored above the Public_html directory.
under the FILES directory
/home/forum/files/

the attachments extentions are
.attach for atachments
.thumb for thimbnails

Now can some one over here help us out how to protect these files from being downloaded BY DOWNLOAD MANAGERS such as DAP and flashget
I wanna use mod_rewrite

regarding this, if i put the .htaccess file for the images in my smilies and avatar folders but i want the hotlink/bad image to be in my forum root will i incur a problem?

Is there a simple confirmed way to do this? I would like to get this set up on my server.
I have found a few sites with me images.

I have vb 3.0.3 Please and thank you.

light bump

bump on the confirmation part?