10 .htaccess tips: anti-hotlinking, preventing directory browsing, and more

  • 2020-05-06 12:00:35
  • OfStack

1. Anti-hotlinking
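Websites that hotlink your images instead of hosting their own are shameless. You can protect your images from hotlinking with the following configuration, which redirects hotlinked image requests to /feed/:

RewriteEngine On
RewriteBase /
# Let requests without a Referer through (direct visits)
RewriteCond %{HTTP_REFERER} !^$
# Anything not referred by your own site counts as hotlinking
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?yoursite\.com/.*$ [NC]
RewriteRule \.(gif|jpg|swf|flv|png)$ /feed/ [R=302,L]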

2. Prevent directory browsing
Sometimes directory browsing is useful, but in most cases there are security issues. To make your site more secure, you can disable this feature with the htaccess file:
 
# Apache 2.4 rejects mixing signed and unsigned options (as in "Options All -Indexes")
Options -Indexes

3. SEO friendly 301 permanent redirect
This is a trick I often use. Every time I change the URL structure of the site, I do a 301 redirect:
 
# The first argument is a URL path, not a full URL
Redirect 301 /article.html http://www.yoursite.com/archives/article

4. Display a custom 404 error page
When a user accesses a page that does not exist, the web server displays a 404 file not found error. There are many CMS that let you set up custom error pages, but the easiest way is to change htaccess:
 
ErrorDocument 404 /404.html 

5. Set the default page of the directory
If you need to set different default pages for different directories, you can easily do so with .htaccess:
 
DirectoryIndex about.html 

6. Restrict site access based on referer
Webmasters don't usually restrict access to their sites, but if you find some sites that are bringing you spam, you should block them:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} spamteam\.com [NC,OR]
# The last condition must not carry [OR]
RewriteCond %{HTTP_REFERER} trollteam\.com [NC]
RewriteRule .* - [F]
</IfModule>

7. Limit the PHP upload size
This works well on shared hosting, allowing my users to upload larger files. The first line sets the maximum uploaded file size, the second sets the maximum POST request size, the third sets the longest time a PHP script may execute, and the last sets the maximum time the script may spend parsing the uploaded file:
 
php_value upload_max_filesize 20M 
php_value post_max_size 20M 
php_value max_execution_time 200 
php_value max_input_time 200 

8. Compress files
Compressing files reduces network traffic as well as page load time:
 
AddOutputFilterByType DEFLATE text/plain 
AddOutputFilterByType DEFLATE text/html 
AddOutputFilterByType DEFLATE text/xml 
AddOutputFilterByType DEFLATE text/css 
AddOutputFilterByType DEFLATE application/xml 
AddOutputFilterByType DEFLATE application/xhtml+xml 
AddOutputFilterByType DEFLATE application/rss+xml 
AddOutputFilterByType DEFLATE application/javascript 
AddOutputFilterByType DEFLATE application/x-javascript 

9. Cache files
Does this need further explanation?
 
<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|swf|js|css|pdf)$">
# 2592000 seconds = 30 days
Header set Cache-Control "max-age=2592000"
</FilesMatch>

10. Add the trailing slash
I'm not sure, but a lot of articles and a lot of people say that adding a trailing slash is good for SEO:
 
<IfModule mod_rewrite.c>
RewriteEngine on
# Only URLs whose last part contains no dot (i.e. not file names)
RewriteCond %{REQUEST_URI} /+[^\.]+$
RewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]
</IfModule>


Using .htaccess to prevent image hotlinking

First, an explanation of image anti-hotlinking and image redirection:

What is the use of image anti-hotlinking?

It prevents other websites from hotlinking your images and wasting your valuable traffic.

What is the point of image redirection?

If your site is image-heavy and one day you find that your monthly traffic allowance is nearly used up before the end of the month, you can use image redirection to send image download requests to another host (such as a trial host) as a temporary measure, without modifying your pages.

Now, if your images are in the img directory, place a file called .htaccess in that directory with the following content:
 
  RewriteEngine on
  RewriteCond %{HTTP_REFERER} !^$ [NC]
  RewriteCond %{HTTP_REFERER} !jb51.net [NC]
  RewriteCond %{HTTP_REFERER} !zhuaxia.com [NC]
  RewriteCond %{HTTP_REFERER} !google.com [NC]
  RewriteCond %{HTTP_REFERER} !baidu.com [NC]
  RewriteCond %{HTTP_REFERER} !bloglines.com [NC]
  RewriteRule \.(jpg|gif|png|bmp|swf|jpeg)$ /image/replace.gif [R,NC,L]
  RewriteRule ^(.*)$ http://image.jb51.net/image/$1 [L]

A rough explanation:

  RewriteCond %{HTTP_REFERER} !^$ [NC]
  RewriteCond %{HTTP_REFERER} !jb51.net [NC]
  RewriteCond %{HTTP_REFERER} !zhuaxia.com [NC]
  RewriteCond %{HTTP_REFERER} !google.com [NC]
  RewriteCond %{HTTP_REFERER} !baidu.com [NC]
  RewriteCond %{HTTP_REFERER} !bloglines.com [NC]

This part determines whether the request is hotlinking. If all the above conditions are true (i.e. the request for the image does not come from a directly entered URL, nor from jb51.net, zhuaxia.com, google.com, baidu.com or bloglines.com), then the following redirect is performed:
 
  RewriteRule \.(jpg|gif|png|bmp|swf|jpeg)$ /image/replace.gif [R,NC,L]

This means that every page hotlinking jpg, gif, png, bmp, swf or jpeg files from the img directory will show the replace.gif image from the image directory instead. Be careful not to place the replacement image in the img directory that carries the anti-hotlinking settings. If the rule above determines that the image request is not hotlinking, the following redirect is performed:

  RewriteRule ^(.*)$ http://image.jb51.net/image/$1 [L]

This means that all requests to the img directory are redirected to the target server, so a request for an image at its original URL goes to the same file name under the target server's image directory. Of course, you have to copy all the files in the img directory of the original server to the image directory of the temporary server before the redirect actually works. The effect is that all the traffic that image downloads would have used on the original server is saved and borne by the temporary server instead.
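
The referer conditions above can be checked offline before deploying them. The following is an added example, not part of the original article: it mirrors the RewriteCond chain in Python and compares the page's substring patterns with a host-anchored pattern. The anchored pattern, the function names and the sample Referer values are assumptions of this example.

```python
import re

# The page's allow-list conditions, as written: unanchored, dots unescaped.
PAGE_ALLOW = [r"^$", r"jb51.net", r"zhuaxia.com", r"google.com",
              r"baidu.com", r"bloglines.com"]

# Assumed tightening (not from the page): accept an allowed name only in the
# host position of the Referer, with dots escaped. As a single condition:
#   RewriteCond %{HTTP_REFERER} !^https?://([a-z0-9-]+\.)*(jb51\.net|...)(:[0-9]+)?(/|$) [NC]
SITES = ["jb51.net", "zhuaxia.com", "google.com", "baidu.com", "bloglines.com"]
HOST_ALLOW = [r"^$",
              r"^https?://([a-z0-9-]+\.)*(" + "|".join(map(re.escape, SITES))
              + r")(:[0-9]+)?(/|$)"]


def is_hotlink(referer, allow):
    """Mirror the RewriteCond chain: every '!pattern' condition must hold,
    i.e. the Referer matches none of the allow patterns ([NC] = ignore case)."""
    return not any(re.search(p, referer, re.IGNORECASE) for p in allow)


def classify(referers):
    """Return {referer: (hotlink under page rules, hotlink under anchored rules)}."""
    return {r: (is_hotlink(r, PAGE_ALLOW), is_hotlink(r, HOST_ALLOW))
            for r in referers}


# Constructed sample Referer values (example.org is a reserved documentation domain).
SAMPLES = [
    "",                                         # no Referer header
    "http://www.jb51.net/article/1.htm",        # the site itself
    "https://www.google.com/search?q=cat",      # allowed search engine
    "http://forum.example.org/thread/9",        # unrelated site
    "http://forum.example.org/?from=jb51.net",  # allowed name in the query string
    "http://jb51xnet.example.org/",             # unescaped '.' matches any character
]

if __name__ == "__main__":
    for ref, (page, anchored) in classify(SAMPLES).items():
        print(f"{ref!r:45} page_rules={page!s:5} anchored_rules={anchored}")
```

The last two samples are treated as allowed by the substring conditions and as hotlinking by the host-anchored condition; the other four are classified the same way by both.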
