PHP picture anti-theft chain tool: Hotlink protection_php Tutorial

The principle of hotlink protection is to utilize Apache's Rewritecond function to detect request Referer when a file request is received, only the URL of this website is released. This principle is very suitable for self-made avatar protection, because the avatar should only be used inside the site.

Below take Discuz as an example, say how to use: fierce ... Fire...... Network...... Anti -...... Stolen...... Chain

Discuz's built-in Avatar is saved in the/forum/images/avatars/directory, I just want to protect these built-in avatar, user uploaded avatar and other pictures do not limit others to reference, so Rewritecond code placed in this directory:

Copy to ClipboardWhat to refer to: [www.bkjia.com]Rewriteengine on
Rewritecond%{http_referer}!^http://bkjia.com/.*$ [NC]
Rewritecond%{http_referer}!^http://bkjia.com$ [NC]
Rewritecond%{http_referer}!^http://www.bkjia.com/.*$ [NC]
Rewritecond%{http_referer}!^http://www.bkjia.com$ [NC]
Rewriterule. *\. (jpg|jpeg|gif|png) $ http://www.bkjia.com/img/hp.gif [R,NC]

Four Rewritecond exclude four ways to access their own web site, is not with the WWW access to a page, without WWW access to the site home page, with a WWW access to a site and a website with www visit home. Http_referer in these four cases, and the file ends with JPG or JPEG, GIF, PNG to the Http://www.bkjia.com/img/hp.gif file.

Save this file as. htaccess, and upload it to the/forum/images/avatars/directory. If you want to protect the image of the entire site upload to the root directory, if you want to protect files in other formats, add the extension directly in Rewriterule.

By the way: This method has certain limitations, such as some download tools can send custom "reference" value, in addition, some users installed firewall, anti-virus software will prevent the browser to send Http_referer value to the server, so their normal browsing will be affected. I do not know how this kind of firewall software manufacturers think, because this is only about privacy (and mainly the privacy of the Http_referer site, not related to visitors), and network security is irrelevant.

http://www.bkjia.com/PHPjc/364608.html www.bkjia.com true http://www.bkjia.com/PHPjc/364608.html techarticle the principle of hotlink protection is to utilize Apache's Rewritecond function to detect request Referer when a file request is received, only the URL of this website is released. This principle is suitable for self-made avatar ...

