PHP picture anti-theft chain tool: Hotlink protection_php Tutorial

Source: Internet
Author: User
The principle of hotlink protection is to utilize Apache's Rewritecond function to detect request Referer when a file request is received, only the URL of this website is released. This principle is very suitable for self-made avatar protection, because the avatar should only be used inside the site.

Below take Discuz as an example, say how to use: fierce ... Fire...... Network...... Anti -...... Stolen...... Chain

Discuz's built-in Avatar is saved in the/forum/images/avatars/directory, I just want to protect these built-in avatar, user uploaded avatar and other pictures do not limit others to reference, so Rewritecond code placed in this directory:

Copy to ClipboardWhat to refer to: [www.bkjia.com]Rewriteengine on
Rewritecond%{http_referer}!^http://bkjia.com/.*$ [NC]
Rewritecond%{http_referer}!^http://bkjia.com$ [NC]
Rewritecond%{http_referer}!^http://www.bkjia.com/.*$ [NC]
Rewritecond%{http_referer}!^http://www.bkjia.com$ [NC]
Rewriterule. *\. (jpg|jpeg|gif|png) $ http://www.bkjia.com/img/hp.gif [R,NC]

Four Rewritecond exclude four ways to access their own web site, is not with the WWW access to a page, without WWW access to the site home page, with a WWW access to a site and a website with www visit home. Http_referer in these four cases, and the file ends with JPG or JPEG, GIF, PNG to the Http://www.bkjia.com/img/hp.gif file.

Save this file as. htaccess, and upload it to the/forum/images/avatars/directory. If you want to protect the image of the entire site upload to the root directory, if you want to protect files in other formats, add the extension directly in Rewriterule.

By the way: This method has certain limitations, such as some download tools can send custom "reference" value, in addition, some users installed firewall, anti-virus software will prevent the browser to send Http_referer value to the server, so their normal browsing will be affected. I do not know how this kind of firewall software manufacturers think, because this is only about privacy (and mainly the privacy of the Http_referer site, not related to visitors), and network security is irrelevant.

http://www.bkjia.com/PHPjc/364608.html www.bkjia.com true http://www.bkjia.com/PHPjc/364608.html techarticle the principle of hotlink protection is to utilize Apache's Rewritecond function to detect request Referer when a file request is received, only the URL of this website is released. This principle is suitable for self-made avatar ...

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.