Results 1 to 7 of 7

Thread: prevent Hotlinking through .htaccess

  1. #1
    msp
    msp is offline AlterBlog User
    Join Date
    Jul 2012
    Posts
    29

    Default prevent Hotlinking through .htaccess

    Hi,

    We got a blog on the pianetadonna platform and we have some issues with hotlinking. I want to counter this by adding some code to the .htaccess file. Do you foresee any problems in me doing that?

    Gert



    -----------------------------------------------------------------------------
    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http(s)?://(blog\.)?pianetadonna.it/msp [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yahoo.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?facebook.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?twitter.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?pinterest.com [NC]
    RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
    -----------------------------------------------------------------------------

  2. #2
    alemoppo is offline AlterVista Staff
    Join Date
    Feb 2010
    Location
    IT
    Posts
    735

    Default

    Hi, who is doing hotlinks? Which site?

    Bye!

  3. #3
    msp
    msp is offline AlterBlog User
    Join Date
    Jul 2012
    Posts
    29

    Default

    Hi,

    The question is if you see any harm in the addition to the .htaccess as I proposed. I fail to see how a list of sites that hotlink will help you answering that.

    Thanx

  4. #4
    alemoppo is offline AlterVista Staff
    Join Date
    Feb 2010
    Location
    IT
    Posts
    735

    Default

    If no site does hotlinks, you shouldn't edit that file because you could make your site inaccessible.

    Also, with updates, the .htaccess file may be reset, so the change may be useless.
    Always use plugins to do something.

    Normally the sites already have the most common protections.

    Bye!

  5. #5
    msp
    msp is offline AlterBlog User
    Join Date
    Jul 2012
    Posts
    29

    Default

    Hi,

    Somehow there might be a misunderstanding. There are hotlinks to our blog.

    To give you some examples:
    ecosia.org
    7tcymzs.dip.jp
    gooddesign.ezaap.com
    it.ryalin.net
    airfreshener.club
    ucmaia.com
    glenoakspathology.com
    imgurl.info
    kitchendecor.club
    globalchin.org
    coremc.us

    You can find more examples by going to the image tab of google search and look for "inurl:domain.com -site:domain.com". That does not show you any hotlinking to images that have been removed from our blog as those ones obvious create 404's when requested. But it does give you some of the hotlinking sites.

    As to your general remark that editing the .htaccess file could make our site inaccesible, I am aware of that. I do not think that the code I proposed will have that effect, but if you think it does, please tell me.

    As to your remark that any manual additions to the .htaccess file could be overwritten by you, I am aware of that too. I think it is kind of bad practice from your side to limit the possibilities of using the .htaccess file like that, but I guess I have to live with that.

    As to your remark on the use of plugins I do not totally agree. I do agree that a plugin is written by people who presumably know what they are doing and like that it will avoid stupid mistakes. Then again, quite a few plugins are having vulnerabilities because they are written incorrectly. So by people who do not really know what they are doing.

    Also, it is not always possible to find a plugin from a trustworthy source that does exactly and only what you want. Sometimes the use of a plugin gives you lots of options that you really do not need. So it bloats the system and potentially slows it down.

    In the case of hotlinking I could not find a small, dedicated plugin which would do the trick. That is why most sources on hotlinking suggest adding some lines to the .htaccess file.

    The code as proposed isn't any rocket science and it seems quite straight forward to me. I would have added it already if it where not for your request in the .htaccess file to open a thread on the subject first. Do you have any objections to the addition to the .htaccess file as proposed by me?

  6. #6
    alemoppo is offline AlterVista Staff
    Join Date
    Feb 2010
    Location
    IT
    Posts
    735

    Default

    Quote Originally Posted by msp View Post
    As to your general remark that editing the .htaccess file could make our site inaccesible, I am aware of that. I do not think that the code I proposed will have that effect, but if you think it does, please tell me.
    No, your code seems correct.
    But I can't guarantee that it won't conflict with other codes.


    The code as proposed isn't any rocket science and it seems quite straight forward to me. I would have added it already if it where not for your request in the .htaccess file to open a thread on the subject first. Do you have any objections to the addition to the .htaccess file as proposed by me?
    If you want, you can edit the code. But know that it could be overwritten.

    Bye!
    Last edited by alemoppo; 04-19-2019 at 06:51 AM.

  7. #7
    msp
    msp is offline AlterBlog User
    Join Date
    Jul 2012
    Posts
    29

    Default

    Thank you very much for your advise.

    Have a nice day.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO