[FREQ] Disabling hotlinking + media issues

Thomas · Post by **Thomas** » Fri Aug 05, 2005 2:11 am

Hi,

due to my still ongoing movement of my existing blog I tried to figure out a solution, which provides you a possibility to post mostly pictures.
To be honest, my quest was not successful yet.
Most of the image galleries out there are pretty well, but not flexible. Gallery even does not use GD in version 1.x, Jesus!
Coppermine is the most interesting gallery for managing the pictures you want to include into your blog. But one feature is missing in every gallery: scheduled posts. Without manual investigations in the DB there's no chance to upload your pictures into the gallery app and set it to the same release time as of your article you want to publish, lets say, in a week (ideal for vacations

)

Well, it looks like that I still have to continue using the media manager coming with s9y. And therefore I'd like to request some features to be improved.

- Hotlinking: I recognized that a lot of images will be hotlinked from other sites as well; a script coming with s9y may solve this, and can be set active with a "image paranoia switch" in the admin panel
- better settings for the media manager: let the user decide to set the amount of images, and save them per default, not changing on the time, when he accesses the media manager

Just my 5 cents. Thomas

Post by **garvinhicking** » Fri Aug 05, 2005 12:19 pm

I agree, the hotlinking should IMHO be solved on your own side so that you know what's going own. As it also required mod_rewrite I really think we should not offer that functionality in s9y.

BTW, the media manager remembers the settings since 0.9.

Regards,
Garvin

Josh · Post by **Josh** » Thu May 25, 2006 2:05 am

I have written this .htaccess, which successfully prevents hotlinking from other blogs:

Code: Select all

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?atlanticreview.org(/)?.*$     [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?america-germany.atlanticreview.org(/)?.*$     [NC]
RewriteRule .*\.(gif|jpg|jpeg|bmp|png)$ http://atlanticreview.org/ [R,NC]

However, I wonder whether this blocks legitimate access to my pictures: Could it be possible that a .htaccess prevents some Feed Readers from displaying the pictures?
There are soo many Feed Readers out.

Or could it be that people behind firewalls or with proxie access will have a problem?

I have not yet uploaded the .htaccess file since I would like to check this first.

Josh · Post by **Josh** » Thu May 25, 2006 3:43 pm

I have googled a lot, but did not find a perfect and easy solution. So I mixed a few hints from several pages:

I have tried to write code with exceptions for online feed readers and feed aggregators. Is the code correct?

Code: Select all

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} .(gif|jpeg|jpg|png|bmp|swf)$ [NC]
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !atlanticreview\.org [NC]
RewriteCond %{HTTP_REFERER} !berlinblogs\.com [NC]
RewriteCond %{HTTP_REFERER} !google\. [NC]
RewriteCond %{HTTP_REFERER} !feedburner\. [NC]
RewriteCond %{HTTP_REFERER} !bloglines\. [NC]
RewriteCond %{HTTP_REFERER} !attensa\. [NC]
RewriteCond %{HTTP_REFERER} !feedlounge\. [NC]
RewriteCond %{HTTP_REFERER} !gritwire\. [NC]
RewriteCond %{HTTP_REFERER} !newsalloy\. [NC]
RewriteCond %{HTTP_REFERER} !newsgator\. [NC]
RewriteCond %{HTTP_REFERER} !pluck\. [NC]
RewriteCond %{HTTP_REFERER} !rojo\. [NC]
RewriteCond %{HTTP_REFERER} !netvibes\. [NC]
RewriteCond %{HTTP_REFERER} !feedburner. [NC]
RewriteCond %{HTTP_REFERER} !search?q=cache [NC]
RewriteRule (.*) http://atlanticreview.org/nohotlinkingplease.html

Or should it rather be written like this:

Code: Select all

RewriteCond %{HTTP_REFERER} !^http://(www\.)?atlanticreview.org(/)?.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?bloglines.com(/)?.*$ [NC]

Or should the rule be at the end:

Code: Select all

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?atlanticreview.org(/)?.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?berlinblogs.com(/)?.*$ [NC]
(....)
RewriteCond %{HTTP_REFERER} !search\?q=cache [NC]
RewriteRule .*\.(gif|jpg|jpeg|bmp|png)$ http://atlanticreview.org/nohotlinkingplease.html [R,NC]

All this code includes subdirectories, right?

Since the topic came up on a German blog, I have asked the same question there:
http://blog.koehntopp.de/index.php?url= ... tml#c10163

Post by **garvinhicking** » Fri May 26, 2006 2:06 pm

Hi!

Sadly I can't help you with that, but maybe you'd like to try the "rootforum.de" where many pepole know a lot with mod_rewrite...

Regards,
Garvin

Josh · Post by **Josh** » Fri May 26, 2006 2:59 pm

Thank you!

I'll try that.

gotchi · Post by **gotchi** » Thu May 17, 2007 3:16 pm

ok I tried

Code: Select all

#RewriteEngine on
#RewriteCond %{HTTP_REFERER} !^$
#RewriteCond %{HTTP_REFERER} !^http://(www\.)?gotchi.at/.*$ [NC]
#RewriteRule \.(gif|jpg|png|jpeg)$ http://www.gotchi.at/visit_gotchi_at.png [R,L]

the effect was, that all images also the images linke from my domain to my domain got changed to the visit_gotchi_at.png

I put the file into the uploads folder and the root folder of my blog. nothing helped. where is the problem ? why doesn't it work
using s9y 1.1 and url rewriting for nicer urls via s9y

thanks

Post by **garvinhicking** » Fri May 18, 2007 8:46 pm

Hi!

Are you sure you used a webbrowser that submits a HTTP-Referer string? Many extensions or settings for browsers, or proxy settings, can remove that HTTP-Referer string. And when it'S empty, you always get the same (wrong) file.

Regards,
Garvin

judebert · Post by **judebert** » Fri May 18, 2007 9:25 pm

It looks like that first rule should take care of empty referrers. (!^$ is "not start-end"). Does your .htaccess actually have those octothorpes (# signs) in front of every line? I thought that turned them into comments.

gotchi · Post by **gotchi** » Sat May 19, 2007 2:42 am

i tested the stuff with three different browser opera, safari and firefox - same thing with every browser

and in the acutall file a deletet the # - otherwise it would be a comment in a htaccess file.

so thats not the problem

why does s9y doesnt offer the feature of hot linking for users via a one click action ?

Post by **garvinhicking** » Sat May 19, 2007 8:20 pm

Hi!

why does s9y doesnt offer the feature of hot linking for users via a one click action ?

Restricting pages to disallow hot linking is against the rules of the free internet. Since Serendipity is Open Source, we support free internet.

If you think you need to enforce strict rules about preventing those things, you must do them by yourself.

Of course we are willing to share information on how to prevent that, I believe it has been discussed multiple times on these forums and it works for many people.

Regards
Garvin

gotchi · Post by **gotchi** » Mon May 21, 2007 10:58 pm

I have not problem with the freedom of internet and everybody is allowed to copy my information oder link to it.

but if people are linking pictures directly to my webspace - nobody of them pays my bandwith costs.
thats the only thing

thats also the reason why I store pictures of other sites on my webspace - to prevent stealing bandwith of others.

and if this problem was solved, and there is a post of it - perhaps you can give me the url, I searched and cant find the right solution for me.
the above mentioned solution was one I found but mad in impossible to use - cause it changed all pictures also on the own domain.

thanks

gotchi · Post by **gotchi** » Mon May 21, 2007 11:16 pm

http://surprisehighway.com/blog/2006/02 ... nking_and/

found a solution to blog special sites to prevent hotlinking
it works and now I am able handle it like I wanna do - free as in internet

[FREQ] Disabling hotlinking + media issues

[FREQ] Disabling hotlinking + media issues

Blocking legitimate access by accident?