Please note that you may have been redirected (you might like to make a note of the URL in the address bar of your browser and update accordingly) This is a permanent archvie but is no longer actively maintained. Please visit http://joshuaink.com for the latest updates.

Prevent hotlinking with Textpattern RC3

Wednesday March 30, 2005

Just a quick one for Textpattern RC3 users. After a thought by Sebastian about how costly it would be if someone decided to hotlink to my header image, I did a bit of Googling and found a solution, hopefully.

The code shown below takes the default .htaccess file distributed with Textpattern RC3 and adds three lines of code (lines 2 to 4). The order is important, I crashed my site so you don't have to! Obviously you will need to change the domain name on line 3 to your own.

There are options given in the original tutorial for presenting a default image to bandwidth thieves but I wonder if that kind of defeats the purpose a little, the code below just delivers nothing.

  1. RewriteEngine On
  2. RewriteCond %{HTTP_REFERER} !^$
  3. RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com(/)?.*$ [NC]
  4. RewriteRule .*\.(gif|jpe?g|png|bmp)$ [F,NC]
  5. RewriteCond %{REQUEST_FILENAME} -f [OR]
  6. RewriteCond %{REQUEST_FILENAME} -d
  7. RewriteRule ^(.+) - [PT,L]
  8. RewriteRule ^(.*) index.php

I am no mod_rewrite expert, so any feedback, or reports of successful hotlinking would be much appreciated.

  1. Rob McMichael

    1809 days ago

    This reminds me of an ala article http://www.alistapart.com/articles/hotlinking/
    by Thomas Scott

    Not sure if one is better than the other but if yours works then perhaps you google ad words could be on hold :)

  2. AkaXakA

    1809 days ago

    Well, doesn’t seem to work:

    Hotlink example

    Or haven’t you enabled it yet?

  3. AkaXakA

    1809 days ago

    Yup, as the example shows, it works!

  4. jordan

    1809 days ago

    What exactly is it supposed to be doing? I’m seeing a page that says “hotlink” and has the image… shouldn’t it be blocking it or something?

  5. jordan

    1809 days ago

    I’m seeing your @media image…

  6. Dave

    1809 days ago

    I see the @media image, but when I refresh I see nothing… weird.

  7. AkaXakA

    1809 days ago

    That’s because it’s cached in your browser because of your visit to this page.

    On reload, the browser actually makes the page request the image and then the hotlinking comes into play.

    And yes, it’s the @media image that’s hotlinked.

    PS. Received my mail John?

  8. Eric Irvine

    1809 days ago

    Same as Dave, I see @media images, which dissappear on refresh, is this a cache thing? I’m using Firefox 1.0.2

  9. Eric Irvine

    1809 days ago

    I see i’m too slow :P

  10. jordan

    1809 days ago

    No, this can’t be a cache issue – I just checked the example link in Opera 8 (which I hadn’t tried yet), and it showed the image. Even more interesting is the fact that refreshing still shows the image, even with a force refresh.

  11. AkaXakA

    1808 days ago

    It’s not a cache issue it’s a cache feature.

    The opera issue is strange though. If we’d want to test this properly, John’d need to send me a link of an unpublished picture, as it won’t be cached in any of our browsers.

  12. AkaXakA

    1808 days ago

    Ok, hotlink example updated.

    I don’t see anything in Firefox or Opera.

  13. jordan

    1807 days ago

    Yup, that fixes it. :)

  14. Lynn

    1502 days ago

    Thanks for providing this! Couldn’t figure out why editing my .htaccess didn’t seem to work, but your clear-cut explanation definitely helped. Thanks again!


Christmas gifts?

Beginning CSS Web Development book cover

Recently

The last seven posts made on this site.

Geeky shiteMeta

A proud member