Anti-Theft Chain | Tips website is hotlinking, is to let a lot of webmaster headaches, how to solve this problem?
There are special field records in the HTTP standard protocol Referer
which can be traced back to an inbound address.
And for the resource file, you can track what the address of the page contains to show him.
So all anti-theft chain methods are based on this referer field
More than 2 kinds of online
One is to use the Apache file Filematch limit, add in httpd.conf (in fact, you can also save the following statement as a. htaccess file) and put it in the root directory of your site (that is, the www/html directory), There's no way someone else can steal your stuff.
Setenvifnocase Referer "^http://yahoo.com/" local_ref=1
Order Allow,deny
Allow from Env=local_ref
Allow from 127.0.0.1
This makes it convenient to disallow access to a URL to a variety of resource files
Please note that the first sentence "^http://yahoo.com/" is changed to your website.
The second is the use of rewrite, the need to add Apache Mode_rewrite, support. htaccess file Directory permission restrictions
Add the. htaccess file in the root directory of the virtual host, describing from the orientation, refer the image files from the non-local address to the warning picture or warning page.
First make sure your server or space server interpreter engine for APACHE2, and support. htaccess Client setup file,
If you have your own server, please make the following modifications to the./conf/httpd.conf file First
Find: #LoadModule rewrite_module modules/mod_rewrite.so
Throw away the front #
Find and wait for a allowoverride None to allowoverride all
Restarting the APACHE2 server
The next thing is to make a. htaccess file, the. htaccess file contains
Rewriteengine on
Rewritecond%{http_referer}!^http://aaoo.net/.*$ [NC]
Rewritecond%{http_referer}!^http://aaoo.net$ [NC]
Rewritecond%{http_referer}!^http://www.aaoo.net/.*$ [NC]
Rewritecond%{http_referer}!^http://www.aaoo.net$ [NC]
Rewriterule. *. (jpg|jpeg|gif|png|bmp|rar|zip|exe) $ http://down.yoyo.com.ru/err.html [R,NC]
where all the colored places are changed to yours:
Red: That is, you provide the address of the download page, that is, only through this address can download the dongdong you provided.
Blue: is to protect file extensions (separated by |), meaning that files with these extensions are accessible only through red addresses.
Green: Redirects to a green address if the blue files are not accessed through a red address, which is the file name extension.
One advantage of this approach is that different virtual hosts are defined with different descriptions.
Then how to use the. htaccess file to implement the Anti-Theft chain.
First you have to build two directories in space (with your directory name, of course), one for the web and the other for Down,
The web is used to put down the load page (or download the program), down of course is to let you provide the stuff,
Change the red part of the. htaccess file to http://your domain/web. Blue part
Change to the extension of the file you want to protect. Change the green section to http://your domain/web. Save after change
The. htaccess file uploads it to the down directory.
There is also a third type:
I found a problem when I solved the plog ban hotlinking, and it was a good method.
Plog all resources are managed by themselves, using resserver.php to dynamically display, such a unified access to add permissions to facilitate the operation.
At the same time, the above 2 methods can not be used, because it is no longer Apache direct access to the resource file, but PHP read through the file.
So you can only tamper with the code: before reading the output of the resource file, add the following judgment code
Reference
$referer = $_server[' Http_referer '];
$selfurl = $_server[' http_host '];
if (false = = Strpos ($referer, $selfurl))
{
echo ' illegal hotlinking! ';
Exit (1);
}
Here some lazy, directly to see whether the reference address contains the host address, but the principle is this, to determine whether Referer is the site address.
We often download the time, also encountered hotlinking Web site can not download, reported the problem of hotlinking. The easiest way to download this type of file is to change the Referer
For example, in FlashGet, the URL below the "Reference" column, directly fill in the download address on it.