Main menu:

Site search

Categories

Archive

Anti-Leach with .htaccess

Anti-Leach tutorial.

If you need to prevent people from linking to your image from other web sites this can be accomplished in apache via a .htaccess file.

Leachers will just get a “X” instead of an image.

RewriteEngine
OnRewriteCond %{HTTP_REFERER} !^http://www.yoursite.com [NC]
RewriteCond %{HTTP_REFERER} !^http://yoursite.com [NC]
RewriteRule [^/]+.(gif|jpg)$ - [F]

Note: The first line is only necessary if this is not being used along with Sub Domains. If you are using Sub Domains, do not add the first line and insert the other 3 lines underneath the Sub Domain coding.

If you have another domain you can insert the following underneath line 3:

RewriteCond %{HTTP_REFERER} !^http://www.yoursite2.com [NC]
RewriteCond %{HTTP_REFERER} !^http://yoursite2.com [NC]

Upload the .htaccess file via FTP in ASCII mode and place in the htdocs folder.

Other web sites will now not be able to leech any images from your site. Enjoy!

Image Return
If you wish to return an image, stating they’re not permitted to access your images, modify this line:

RewriteRule [^/]+.(gif|jpg)$ - [F]
to these lines:

RewriteCond %{REQUEST_URI} !^/restricted_image.jpg
RewriteRule [^/]+.(gif|jpg|GIF|JPG)$ http://www.yoursite.com/hotlink.jpg
#note, do not need capitallized alternates unless you have them on your server.

You can use most extensions, such as:

RewriteRule [^/]+.(gif|jpg|mp3|htm|html|php|css)$ - [F]
Sub Domains

If anti-leeching is used along with sub domains, you’ll need to create a .htaccess for each sub domain with the following code for protecting your images:

RewriteCond %{HTTP_REFERER} !^http://sub.yoursite.com/ [NC]
RewriteRule [^/]+.(gif|jpg)$ - [F]

If you have many subdomains, you can use this code:

RewriteEngine
OnRewriteCond %{HTTP_REFERER} !^http://(.+)?yoursite.com/
RewriteRule [^/]+.(gif|jpg)$ - [F]

Upload the .htaccess file via FTP in ASCII mode and place in the htdocs folder.

If you want to share your images with multiple domains then you can set the permissions to just those domains.

RewriteCond %{HTTP_REFERER} !^http://www.yoursite.com [NC]
RewriteCond %{HTTP_REFERER} !^http://www.otherdomain.com [NC]

Say you want a folder with full permission granted. Usefull when posting images to forums. Then place a new .htacess file in that specific folder with this code.

RewriteEngine Off

Posted: June 8th, 2006 under Linux, Firewalls and Security.
Comments: none

Write a comment