Hotlinking / Help

AMH · by **AMH** » Fri Oct 13, 2006 7:59 am

Following your advice from here:

http://boards.phpbb-seo.com/phpbb-mod-r ... vt302.html

I have now tried the following as you stated. This is with the advanced code for SEO. Now PHPBB will not work. When I do this I get a code 500 internal server error.

What now? :oops:

Code: Select all: # These three lines should only be added if not already done in the .htaccess Options +FollowSymlinks RewriteEngine On RewriteBase / RewriteCond %{HTTP_REFERER} !^$ [AND] RewriteCond %{HTTP_REFERER} !^http://mydomain.net/.*$ [NC, AND] RewriteCond %{HTTP_REFERER} !^http://www.mydomain.net/.*$ [NC] ReWriteRule .*\.(rar|zip|jpe?g)$ - [F,L] ######################################################### # forum SEO REWRITE RULES # ######################################################### # AUTHOR : DCZ http://www.forum-seo.com/ # STARTED : 01/2006 ##################################################### #

ETC ETC ETC

Code: Select all: <?php /** * * @package attachment_mod * @version $Id: download.php,v 1.6 2006/09/04 12:56:06 acydburn Exp $ * @copyright (c) 2002 Meik Sievertsen * @license http://opensource.org/licenses/gpl-license.php GNU Public License * */ $browser_version = $log_version[1]; $browser_agent = 'konqueror'; } else { $browser_version = 0; $browser_agent = 'other'; }

dcz · by **dcz** » Sun Oct 15, 2006 1:49 pm

As it's within phpbb sessions, you can put this after :

Code: Select all: include($phpbb_root_path . 'common.' . $phpEx);

Don't forget you need to decide what to do, you could for example do this to simply deny the loading :

Code: Select all: if ( !empty($_SERVER['HTTP_REFERER']) && !strpos($_SERVER['HTTP_REFERER'], 'www.example.com') ) { if ( !empty($db) ) { $db->sql_close(); } exit(); }

or use message_die(GENERAL_MESSAGE, 'yourmessage'); to output a nice message instead

++

AMH · by **AMH** » Sun Oct 15, 2006 3:27 pm

Thankyou!

You are brilliant!

One last "small" problem.

On a webpage as on this one it blocks the download. BUT if you copy the url into the browser, it still downloads. Is that normal?

dcz · by **dcz** » Sun Oct 15, 2006 5:10 pm

You're welcome

Well yes, because in this cas the http referer will be empty. If you do not allow empty http referer you take the risk to deny download for user of your website behind firewalls, as the http referer could be blocked by the firewall settings.

But this is not this big of a deal to allow empty http referer as you filter most people who followed a download link from another web site, unless again behind a firewall.

I don't think people copying and pasting URL into the browser would end up being many.

++

AMH · by **AMH** » Mon Oct 16, 2006 1:57 am

Thanks again!

dcz · by **dcz** » Mon Oct 16, 2006 10:41 am

AMH · by **AMH** » Sat Sep 01, 2007 9:45 am

Its taken a while to figure why my bandwidth is going skyward again. It appears that the solution here does not work. Users can still right click on the sites and download from my site.

EG:

I have a scraper site that is leaching my bandwidth by a few GB a day.

<scraper site>

If you click on the link on the above page - Yes, it does do what this threads says it will do however if you right click and download it can still steal bandwidth.

Is there any way to fix this? :roll:

AMH · by **AMH** » Sat Sep 01, 2007 10:25 am

I found the solution and itt might be useful to others! Oh, I get to contribute. Might limit damage from these scraper sites!

Keep people from hotlinking your attachments

Create an .htaccess file with this code and drop it in your files directory

:arrow:

SetEnvIfNoCase Referer "http://www.yourdomain.com" locally_linked=1
SetEnvIfNoCase Referer "http://yourdomain.com" locally_linked=1
<FilesMatch "\.*$">
Order Allow,Deny
Allow from env=locally_linked
</FilesMatch>

:arrow:

Open download.php

:arrow:

Find:

readfile($filename);

:arrow:

Replace with:

header("Location: $filename");

dcz · by **dcz** » Sun Sep 02, 2007 3:03 pm

Thanks for sharing

Hotlinking / Help

Hotlinking / Help

Advertisement

Who is online

Advertisement