Textpattern CMS support forum

#1 2017-01-16 07:38:11

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,091

htaccess: hotlinking of images

Hi all

I’m trying to implement a couple of htaccess directives to prevent hotlinking of images.

The problem is that I would like

  1. to allow search engines and image search
  2. to allow viewing images included in our newsletter (postmaster)

At the moment I have

RewriteCond %{HTTP_USER_AGENT} ADSARobot|ah-ha|almaden|aktuelles|Anarchie|amzn_assoc|ASPSeek|ASSORT|ATHENS|Atomz|attach|attache|autoemailspider|BackWeb|Bandit|BatchFTP|bdfetch|big.brother|BlackWidow|bmclient|Boston\ Project|BravoBrian\ SpiderEngine\ MarcoPolo|Bot\ mailto:craftbot@yahoo.com|Buddy|Bullseye|bumblebee|capture|CherryPicker|ChinaClaw|CICC|clipping|Collector|Copier|Crescent|Crescent\ Internet\ ToolPak|Custo|cyberalert|DA$|Deweb|diagem|Digger|Digimarc|DIIbot|DISCo|DISCo\ Pump|DISCoFinder|Download\ Demon|Download\ Wonder|Downloader|Drip|DSurf15a|DTS.Agent|EasyDL|eCatch|ecollector|efp@gmx\.net|EirGrabber|EmailCollector|EmailSiphon|EmailWolf|Express\ WebPictures|ExtractorPro|EyeNetIE|FavOrg|fastlwspider|Favorites\ Sweeper|Fetch|FEZhead|FileHound|FlashGet\ WebWasher|FlickBot|fluffy|FrontPage|GalaxyBot|Generic|Getleft|GetRight|GetSmart|GetWeb!|GetWebPage|gigabaz|Girafabot|Go\!Zilla|Go!Zilla|Go-Ahead-Got-It|GornKer|gotit|Grabber|GrabNet|Grafula|Green\ Research|grub-client|Harvest|hhjhj@yahoo|hloader|HMView|HomePageSearch|http\ generic|HTTrack|httpdown|httrack|ia_archiver|IBM_Planetwide|Image\ Stripper|Image\ Sucker|imagefetch|IncyWincy|Indy*Library|Indy\ Library|informant|Ingelin|InterGET|Internet\ Ninja|InternetLinkagent|Internet\ Ninja|InternetSeer\.com|Iria|Irvine|JBH*agent|JetCar|JOC|JOC\ Web\ Spider|JustView|KWebGet|Lachesis|larbin|LeechFTP|LexiBot|lftp|libwww|likse|Link|Link*Sleuth|LINKS\ ARoMATIZED|LinkWalker|LWP|lwp-trivial|Mag-Net|Magnet|Mac\ Finder|Mag-Net|Mass\ Downloader|MCspider|Memo|Microsoft.URL|MIDown\ tool|Mirror|Missigua\ Locator|Mister\ PiX|MMMtoCrawl\/UrlDispatcherLLL|^Mozilla$|Mozilla.*Indy|Mozilla.*NEWT|Mozilla*MSIECrawler|MS\ FrontPage*|MSFrontPage|MSIECrawler|MSProxy|multithreaddb|nationaldirectory|Navroad|NearSite|NetAnts|NetCarta|NetMechanic|netprospector|NetResearchServer|NetSpider|Net\ Vampire|NetZIP|NetZip\ Downloader|NetZippy|NEWT|NICErsPRO|Ninja|NPBot|Octopus|Offline\ Explorer|Offline\ 
Navigator|OpaL|Openfind|OpenTextSiteCrawler|OrangeBot|PageGrabber|Papa\ Foto|PackRat|pavuk|pcBrowser|PersonaPilot|Ping|PingALink|Pockey|Proxy|psbot|PSurf|puf|Pump|PushSite|QRVA|RealDownload|Reaper|Recorder|ReGet|replacer|RepoMonkey|Robozilla|Rover|RPT-HTTPClient|Rsync|Scooter|SearchExpress|searchhippo|searchterms\.it|Second\ Street\ Research|Seeker|Shai|Siphon|sitecheck|sitecheck.internetseer.com|SiteSnagger|SlySearch|SmartDownload|snagger|Snake|SpaceBison|Spegla|SpiderBot|sproose|SqWorm|Stripper|Sucker|SuperBot|SuperHTTP|Surfbot|SurfWalker|Szukacz|tAkeOut|tarspider|Teleport\ Pro|Templeton|TrueRobot|TV33_Mercator|UIowaCrawler|UtilMind|URLSpiderPro|URL_Spider_Pro|Vacuum|vagabondo|vayala|visibilitygap|VoidEYE|vspider|Web\ Downloader|w3mir|Web\ Data\ Extractor|Web\ Image\ Collector|Web\ Sucker|Wweb|WebAuto|WebBandit|web\.by\.mail|Webclipping|webcollage|webcollector|WebCopier|webcraft@bea|webdevil|webdownloader|Webdup|WebEMailExtrac|WebFetch|WebGo\ IS|WebHook|Webinator|WebLeacher|WEBMASTERS|WebMiner|WebMirror|webmole|WebReaper|WebSauger|Website|Website\ eXtractor|Website\ Quester|WebSnake|Webster|WebStripper|websucker|webvac|webwalk|webweasel|WebWhacker|WebZIP|Wget|Whacker|whizbang|WhosTalking|Widow|WISEbot|WWWOFFLE|x-Tractor|^Xaldon\ WebSpider|WUMPUS|Xenu|XGET|Zeus.*Webster|Zeus [NC]
RewriteRule ^.* - [F,L]

This unfortunately blocks images in our newsletter. Can someone spot which block I should cancel?

I also have

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?neme\.org/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?news\.neme\.org/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?cyprus\.neme\.org/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?forum\.neme\.org/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?hblack\.net/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?google\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?google\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?altavista\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?altavista\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?msn\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?msn\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?a9\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?a9\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?bing\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?bing\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?ixquick\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?ixquick\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?yandex\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?yandex\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?yahoo\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?yahoo\.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?excite\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?excite\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?goo\.ne\.jp/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?wolframalpha\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?wolframalpha\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?picsearch\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?picsearch\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?duckduckgo\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?duckduckgo\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?tineye\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?tineye\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?archive\.org/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?archive\.org/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?baidu\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?baidu\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?ask\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?ask\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?faganfinder\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http?://([^.]+\.)?faganfinder\.com/.*$ [NC]
RewriteRule .*\.(gif|jpg|png|svg)$ https://lh3.googleusercontent.com/-KDvIl3r2wdM/AAAAAAAAAAI/AAAAAAAAAAA/fZTmVSnqmxA/s120-c/photo.jpg [R,NC,L]
</ifModule>

which is also a problem… I guess.

Any advice?


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.


#2 2017-01-16 09:21:18

philwareham
Core designer
From: Haslemere, Surrey, UK
Registered: 2009-06-11
Posts: 3,564

Re: htaccess: hotlinking of images

Another option, if you have access to the site’s DNS, you could use Cloudflare. There is a setting to prevent hot linking. Plus you get the benefits of their CDN.

Downside is a third party pipes your DNS, so you have to weigh up the pros and cons. FYI I use Cloudflare on the Textpattern docs site (although hot linking isn’t turned on).


#3 2017-01-16 11:56:49

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,091

Re: htaccess: hotlinking of images

No Cloudflare for me:(


Yiannis

#4 2017-01-16 13:14:30

maniqui
Member
From: Buenos Aires, Argentina
Registered: 2004-10-10
Posts: 3,070

Re: htaccess: hotlinking of images

Hi colak.
Take a look at this thread:
www.sitepoint.com/community/t/hotlink-code-prevent-images-from-display-in-email/23931/8

A solution suggested there is to serve newsletter images from a different folder where the .htaccess hotlinking rules are disabled.
This might be a bit more difficult if you plan to use the images managed by Textpattern.
In that case, I can think of two possible solutions:

  1. In the newsletter articles, you use some “fake” URL for the images, that gets rewritten (by htaccess) to the correct one. For example: /images/newsletter/123.jpg gets rewritten (but not redirected) to /images/123.jpg. Then, you also add a RewriteCond for disabling hotlinking rules on REQUEST_URI that includes /newsletter/.
  2. Alternatively (and probably easier), you could use smd_thumbnail to create a “newsletter” thumbnail profile, which will store the automatically generated thumbnails in the /newsletter/ folder. Then, you use those images in your newsletter articles. Finally, you exclude that /newsletter/ folder from the hotlinking rules (or disable them via an .htaccess file stored in that folder).

La música ideas portará y siempre continuará

TXP Builders – finely-crafted code, design and txp
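
Option 1 above written out as .htaccess rules. This is an added example, not code from the thread; it assumes the file sits in the site's document root, the /images/ paths follow the post's example, and the referer allow-list is cut down to one site from the original rules.

```apache
<IfModule mod_rewrite.c>
RewriteEngine On

# 1. Alias used only in newsletter mail: /images/newsletter/123.jpg is
#    served from /images/123.jpg. There is no R flag, so this is an
#    internal rewrite and the mail client never sees the real path.
RewriteRule ^images/newsletter/([^/]+\.(?:gif|jpg|png|svg))$ images/$1 [NC,L]

# 2. Hotlink rule with the newsletter exemption.
#    In .htaccess context the rule set runs again after the rewrite in
#    step 1, and on that pass REQUEST_URI is already /images/123.jpg.
#    THE_REQUEST keeps the request line the client actually sent
#    ("GET /images/newsletter/123.jpg HTTP/1.1"), so the exemption is
#    tested against it instead.
RewriteCond %{THE_REQUEST} !^[A-Z]+\s+/images/newsletter/ [NC]
# Empty referer is allowed, as in the original rules.
RewriteCond %{HTTP_REFERER} !^$
# Own site only here; the search-engine conditions from the original
# rules would follow in the same form.
RewriteCond %{HTTP_REFERER} !^https?://([^./]+\.)?neme\.org(/|$) [NC]
# Refuse the request (the original rules redirect to a placeholder image).
RewriteRule \.(gif|jpg|png|svg)$ - [F,NC]
</IfModule>
```

Any image requested through the alias path bypasses the referer check, so only the newsletter should use those URLs.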


#5 2017-01-16 13:37:23

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,091

Re: htaccess: hotlinking of images

Hmmm… Thanks Julian, that could be a solution

What are your opinions about base64 encodings and embedding of images?

This would actually be sending the images in the email body as opposed to ‘hotlinking’ them from the site.

>Edit: not supported by most clients.

but using the cid method may do it. If only I knew how to hack postmaster for that!


Yiannis

#6 2017-01-16 18:56:25

maniqui
Member
From: Buenos Aires, Argentina
Registered: 2004-10-10
Posts: 3,070

Re: htaccess: hotlinking of images

Both the base64 encoding method (poorly supported) and the cid method seem a bit harder and overkill. Not to mention that both will make the email size grow to a few megabytes, which might bring other issues to the users (email recipients in this case).

I’d go with the solution of storing those images in a different, failsafe folder that would not be affected by anti-hotlinking rules. smd_thumbnail would make it a breeze to manage those images from within Textpattern without disrupting the current workflow or needing to start hacking postmaster.

