Use Apache's htaccess solution to prevent images from being hotlinking

  • 2020-06-01 08:43:57
  • OfStack

Method 1:
The commands required are as follows:

RewriteEngine on  

 RewriteCond %{ HTTP_REFERER } !^$  

 RewriteCond %{ HTTP_REFERER } !^http://(www.)? /.*$ [NC]  

 RewriteRule .(gif &line;jpg)$ - [F] 

If you don't think it's nice to have someone's page skylight, use a picture instead:

Look at the code

 RewriteEngine on  

 RewriteCond %{ HTTP_REFERER } !^$  

 RewriteCond %{ HTTP_REFERER } !^http://(www.)?*$ [NC]  

 RewriteRule .(gif &line;jpg)$ / Alternate image file name  [R,L] 
 It is important to note that if passed FTP The mode will be created well .htaccess Upload to server, transfer mode should be ASCII Rather than Binary . Once uploaded to the server, its properties should be passed  CHMOD Modified to 644  Or" RW-R � R ", which ensures that the server can be used and cannot be modified through the browser. Of course, .htaccess The readable property also exists 1 Fixed risk: it can be found by an attacker   The object you want to protect or the location of the authentication file -- the solution is to authenticate the file .htpasswd Put it outside the root of your site, so you can't find it on the web. 

Method 2:

 Look at the code 01 RewriteEngine on  

 RewriteCond %{HTTP_REFERER} !^$ [NC]  

 RewriteCond %{HTTP_REFERER} ! [NC]  

 RewriteCond %{HTTP_REFERER} ! [NC]  

 RewriteCond %{HTTP_REFERER} ! [NC]  

 RewriteRule .*\.(gif|jpg)$ /no.png [R,NC,L] 

Simple explanation 1 below the above statement:
1, RewriteCond %{HTTP_REFERER}! ^ $[NC]

Allows empty "HTTP_REFERER" access, which allows the user to enter the image address directly in the browser address bar while the image file is displayed. 1 in general, this is optional, but it is recommended that you set it so that if you force "HTTP_REFERER" to access it, you may have some problems, such as when the user is accessing it through a proxy server.

2, RewriteCond %{HTTP_REFERER}! simue. com [NC]

Set access to HTTP sources, including our website itself, Google, Baidu, and so on.

3, RewriteRule. * \. (gif | jpg | png) $http: / / www simue. com/no png [R NC, L]

Define the image to be replaced by hotlinking, and let all the pages of hotlinking jpg, gif, png, etc., display the no.png file in the root directory. Note: do not place the replacement image in the hotlinking-proof directory, and the smaller the image file, the better. Of course, you can not set the replacement image, but use the following statement:

RewriteRule .*\.(gif|jpg|png)$ - [F]

4. Please refer to R, NC and L in description 1

R means to turn
NC means case-insensitive
The purpose of the L is to indicate that this turn ends and that subsequent turns are not affected by the previous judgment statement

5. Prevent hotlinking file types

The above examples are gif, jpg, png, and other file types can be changed or added as needed, such as rar, swf, etc. Different file extensions are separated by "|".

Related articles: