|
Home > Archive > Apache Server configuration support > October 2005 > rewrite rule question
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
rewrite rule question
|
|
|
| How can i get this to serve up the Test.jpg instead of the original request?
Here's what i have (its in my document root in an .htaccess file),
but it doesnt work.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?MySite.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ http://www.MySite.com/Images/Test.jpg [R,L]
Basically this has to do with Hotlinking. I want to take whatever
image the request is for and serve up the Test.jpg instead.
Here is another method I was exploring. It blocks the hotlinking ok
but i want it to serve my Test.jpg instead of just blocking the request:
SetEnvIfNoCase Referer "^http://www.MySite.com/" locally_linked=1
SetEnvIfNoCase Referer "^http://www.MySite.com$" locally_linked=1
SetEnvIfNoCase Referer "^http://MySite.com/" locally_linked=1
SetEnvIfNoCase Referer "^http://MySite.com$" locally_linked=1
SetEnvIfNoCase Referer "^$" locally_linked=1
<FilesMatch "\.(gif|png|jpe?g|avi|mpg|wmv)$">
Order Allow,Deny
Allow from env=locally_linked
HOW_DO_I: if not locally_linked - send them the Test.jpg
</FilesMatch>
I kind of like this better, but I dont see how to send out the Test.jpg
instead of the image requested. "if locally_linked!=1 then send Test.jpg"
Thanks
Eric
| |
|
| "Eric" <nospam@email.com> schreef in bericht
news:f-Cdnegp_IbT-NHenZ2dnUVZ_sidnZ2d@comcast.com...
> How can i get this to serve up the Test.jpg instead of the original
request?
>
> Here's what i have (its in my document root in an .htaccess file),
> but it doesnt work.
Does not work with eror or not at all??
>
> RewriteEngine on
> RewriteCond %{HTTP_REFERER} !^$
> RewriteCond %{HTTP_REFERER} !^http://(www\.)?MySite.com/.*$ [NC]
> RewriteRule \.(gif|jpg)$ http://www.MySite.com/Images/Test.jpg [R,L]
Look good to me ... add a line reading 'bogus' to the file.
If no error is reported during a request,.htaccess is not supported.
HansH
| |
| Justin Koivisto 2005-10-24, 4:44 pm |
| Eric wrote:
> How can i get this to serve up the Test.jpg instead of the original request?
>
> Here's what i have (its in my document root in an .htaccess file),
> but it doesnt work.
>
> RewriteEngine on
> RewriteCond %{HTTP_REFERER} !^$
if the referrer is not empty...
> RewriteCond %{HTTP_REFERER} !^http://(www\.)?MySite.com/.*$ [NC]
and it is not <your site> ...may want to change that to:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?MySite.com [NC]
> RewriteRule \.(gif|jpg)$ http://www.MySite.com/Images/Test.jpg [R,L]
You don't happen to have something like Norton Personal Firewall or
anything like that installed do you? If you do, then your referrer is
going to be empty, as well as anyone else that has that type of software
installed (or going through certain proxies as well)...
--
Justin Koivisto, ZCE - justin@koivi.com
http://koivi.com
| |
|
| Justin Koivisto wrote:
> Eric wrote:
>
>
> if the referrer is not empty...
>
>
> and it is not <your site> ...may want to change that to:
> RewriteCond %{HTTP_REFERER} !^http://(www\.)?MySite.com [NC]
>
>
> You don't happen to have something like Norton Personal Firewall or
> anything like that installed do you? If you do, then your referrer is
> going to be empty, as well as anyone else that has that type of software
> installed (or going through certain proxies as well)...
>
No firewall, except iptables (I'm on a linux system)
| |
|
| HansH wrote:
> "Eric" <nospam@email.com> schreef in bericht
> news:f-Cdnegp_IbT-NHenZ2dnUVZ_sidnZ2d@comcast.com...
> request?
> Does not work with eror or not at all??
> Look good to me ... add a line reading 'bogus' to the file.
> If no error is reported during a request,.htaccess is not supported.
>
> HansH
you mean you have to create an error in the .htaccess file to get it to
work? That doesnt seem right. I've gotten it to block hotlinking, just
doesnt seem to want to serve my alternate jpg file
Eric
| |
| Purl Gurl 2005-10-24, 4:44 pm |
| Eric wrote:
(snipped)
> Here's what i have (its in my document root in an .htaccess file),
> but it doesnt work.
> RewriteEngine on
> RewriteCond %{HTTP_REFERER} !^$
> RewriteCond %{HTTP_REFERER} !^http://(www\.)?MySite.com/.*$ [NC]
> RewriteRule \.(gif|jpg)$ http://www.MySite.com/Images/Test.jpg [R,L]
There are two problems with your syntax.
Most obvious is you are missing .* at the beginning of your Rule.
I will write about that later.
A problem few figure out is creating an endless loop using an .htaccess
redirection from one file extension to the same file extension, different
file names, within the same directory.
You want to protect your "image" directory. So you create an .htaccess file
which redirects any (some file).jpg access to "test.jpg" both of which
are in the same directory. A redirect takes place, your .htaccess redirects
to test.jpg, your .htacess catches the .jpg in test.jpg, redirects to test.jpg
and catches the .jpg in test.jpg and redirects... there you go, an endless loop.
request -> my.jpg -> caught jpg -> redirect -> test.jpg -> caught jpg -> redirect -> test.jpg -> caught jpg -> redirect...
You cannot redirect from a .jpg to another .jpg in the same directory. You MUST redirect
to a different directory, else an endless loop is created:
"Redirection limit for this URL exceeded. Unable to load the the requested page."
That is what you read in many browsers when your Apache is in an endless loop.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$|.*MySite.com.*$ [NC]
RewriteRule .*(gif|jpg)$ http://www.MySite.com/DIFFERENT/DIRECTORY/Test.jpg
Do NOT redirect to the same directory. Do NOT redirect to a child directory.
You MUST redirect above or outside your current directory and child directories;
above or outside your .htaccess directory.
This syntax:
RewriteCond %{HTTP_REFERER} !^$|.*MySite.com.*$ [NC]
..*MySite.com.* will catch any jpg or gif file request if added
to your .htaccess file, in any directory. Otherwords, within the
current directory or _child_ directories.
You may want to be more specific,
..*MySite.com/protect/this/image_directory.*
The "catching" of any jpg or gif is based on your subsequent Rule.
You are to remember, this does NOT always work. A referrer variable
is very easy to fake. However, I don't think a person would bother
faking that variable simply to look at a picture. You are also to
remember many browsers do NOT provide a referrer variable; you will
be inadvertently redirecting innocent visitors.
This syntax:
RewriteRule .*(gif|jpg)$ http://www.MySite.com/DIFFERENT/DIRECTORY/Test.jpg
Notice the .* at the beginning. This is to match your http stuff.
You are _missing_ that in your syntax. "Match anything plus gif OR jpg"
Note I have removed \. from the syntax. It is ok to use that but
is not needed. Matching will be for any file ending with three
characters, gif OR jpg and no other. That syntax is simply shorthand.
You may use .*\.gif$ or .*gif$ with the same results. You will need
to be careful if you have a file ending with those letters, myfilegif
which would be matched and redirected.
Your \.(gif|jpg)$ is trying to match .gif OR .jpg and NOTHING else.
ONLY a file named ".gif" OR ".jpg" would be matched, literally.
Add .* to the beginning of your Rule and your problem should vanish.
If not, you have problems elsewhere.
Remember, you MUST redirect to a different directory or you will
create an endless loop. You can, under certain circumstances,
use all your system resources causing your system to "stagger"
or even completely stop; freeze up.
Purl Gurl
| |
| Purl Gurl 2005-10-24, 4:44 pm |
|
Eric wrote:
> Here is another method I was exploring. It blocks the hotlinking ok
> but i want it to serve my Test.jpg instead of just blocking the request:
> SetEnvIfNoCase Referer "^http://www.MySite.com/" locally_linked=1
> SetEnvIfNoCase Referer "^http://www.MySite.com$" locally_linked=1
(snipped)
Don't use that!
Read:
http://httpd.apache.org/docs/1.3/env.html
That is for early Apache but general concepts still apply.
Using environment variables consumes system resources resulting
in slower operation. Modifying your environment is inefficient
and can lead to real problems, if care is not taken.
Do note within that Apache page notes about cgi applications
and SSI when used with suexec. You will also note restrictions
on which characters (letters, numbers...) you may use or not use.
Leave your environment alone save for very specific circumstances,
such as custom logging. Even logging is better handled otherwise.
Stick with .htaccess and redirects for your needs.
Purl Gurl
| |
|
| "Eric" <nospam@email.com> schreef in bericht
news:ktGdnfeOaN0vJNDeRVn-pw@comcast.com...
> HansH wrote:
>
> you mean you have to create an error in the .htaccess file to get it to
> work?
No,that's not what I ment ... creating a known error is a method of testing
;-)
So add 'bogus' _temporally_ and have an erro for any rewquest.
If no errors are reported .htaccess is ignored.
HansH
| |
|
| "Purl Gurl" <purlgurl@purlgurl.net> schreef in bericht
news:434DD2A6.2000709@purlgurl.net...
> Eric wrote:
>
[vbcol=seagreen]
>... there you go, an endless loop.
> request -> my.jpg -> caught jpg -> redirect -> test.jpg -> caught jpg ->
redirect -> test.jpg -> caught jpg -> redirect...
> You cannot redirect from a .jpg to another .jpg in the same directory. You
> MUST redirect to a different directory, else an endless loop is created:
I confess to have *again* missed such loop, however adding
RewriteCond %{REQUEST_URI} !^/Images/Test.jpg$
will solve the issue.
> Your \.(gif|jpg)$ is trying to match .gif OR .jpg and NOTHING else.
> ONLY a file named ".gif" OR ".jpg" would be matched, literally.
AFAIK the rules of regex '\.(gif|jpg)$' is matching any file _ending_ .gif
or .jpg.
This regex is discarding the prefixed path and partial file name, so why
bother the .* ??
HansH
| |
| Justin Koivisto 2005-10-24, 4:44 pm |
| Eric wrote:
> Justin Koivisto wrote:
>
> No firewall, except iptables (I'm on a linux system)
My point was that using the HTTP_REFERER will only help marginally as
more and more proxies and firewall software remove the referrer header
from requests. You may want to instead use a scripted solution if you
are serious about sending a different image to those who have not gotten
the request from your site.
--
Justin Koivisto, ZCE - justin@koivi.com
http://koivi.com
| |
|
| Purl Gurl wrote:
> Eric wrote:
>
> (snipped)
>
>
>
> There are two problems with your syntax.
>
> Most obvious is you are missing .* at the beginning of your Rule.
> I will write about that later.
>
> A problem few figure out is creating an endless loop using an .htaccess
> redirection from one file extension to the same file extension, different
> file names, within the same directory.
>
> You want to protect your "image" directory. So you create an .htaccess
> file
> which redirects any (some file).jpg access to "test.jpg" both of which
> are in the same directory. A redirect takes place, your .htaccess
> redirects to test.jpg, your .htacess catches the .jpg in test.jpg,
> redirects to test.jpg and catches the .jpg in test.jpg and redirects...
> there you go, an endless loop.
>
> request -> my.jpg -> caught jpg -> redirect -> test.jpg -> caught jpg ->
> redirect -> test.jpg -> caught jpg -> redirect...
>
> You cannot redirect from a .jpg to another .jpg in the same directory. You
> MUST redirect to a different directory, else an endless loop is created:
>
> "Redirection limit for this URL exceeded. Unable to load the the requested
> page."
>
> That is what you read in many browsers when your Apache is in an endless
> loop.
>
> RewriteEngine on
> RewriteCond %{HTTP_REFERER} !^$|.*MySite.com.*$ [NC]
> RewriteRule .*(gif|jpg)$
> http://www.MySite.com/DIFFERENT/DIRECTORY/Test.jpg
>
> Do NOT redirect to the same directory. Do NOT redirect to a child
> directory. You MUST redirect above or outside your current directory and
> child directories; above or outside your .htaccess directory.
>
> This syntax:
>
> RewriteCond %{HTTP_REFERER} !^$|.*MySite.com.*$ [NC]
>
> .*MySite.com.* will catch any jpg or gif file request if added
> to your .htaccess file, in any directory. Otherwords, within the
> current directory or _child_ directories.
>
> You may want to be more specific,
>
> .*MySite.com/protect/this/image_directory.*
>
> The "catching" of any jpg or gif is based on your subsequent Rule.
>
> You are to remember, this does NOT always work. A referrer variable
> is very easy to fake. However, I don't think a person would bother
> faking that variable simply to look at a picture. You are also to
> remember many browsers do NOT provide a referrer variable; you will
> be inadvertently redirecting innocent visitors.
>
> This syntax:
>
> RewriteRule .*(gif|jpg)$
> http://www.MySite.com/DIFFERENT/DIRECTORY/Test.jpg
>
> Notice the .* at the beginning. This is to match your http stuff.
> You are _missing_ that in your syntax. "Match anything plus gif OR jpg"
>
> Note I have removed \. from the syntax. It is ok to use that but
> is not needed. Matching will be for any file ending with three
> characters, gif OR jpg and no other. That syntax is simply shorthand.
>
> You may use .*\.gif$ or .*gif$ with the same results. You will need
> to be careful if you have a file ending with those letters, myfilegif
> which would be matched and redirected.
>
> Your \.(gif|jpg)$ is trying to match .gif OR .jpg and NOTHING else.
> ONLY a file named ".gif" OR ".jpg" would be matched, literally.
>
> Add .* to the beginning of your Rule and your problem should vanish.
> If not, you have problems elsewhere.
>
> Remember, you MUST redirect to a different directory or you will
> create an endless loop. You can, under certain circumstances,
> use all your system resources causing your system to "stagger"
> or even completely stop; freeze up.
>
> Purl Gurl
Thank you very much. I will take some time to digest this info
Eric
| |
|
| Justin Koivisto wrote:
> Eric wrote:
>
>
> My point was that using the HTTP_REFERER will only help marginally as
> more and more proxies and firewall software remove the referrer header
> from requests. You may want to instead use a scripted solution if you
> are serious about sending a different image to those who have not gotten
> the request from your site.
>
What would the script key off of? Any place (example) i can see how this is
done right?
Thanks
Eric
| |
| Justin Koivisto 2005-10-24, 4:44 pm |
| Eric wrote:
> Justin Koivisto wrote:
>
>
>
> What would the script key off of? Any place (example) i can see how this is
> done right?
> Thanks
> Eric
Depends on how strict you want to be with limiting images to your own
site's requests...
One thing that I had done in the past with a client that was *really*
paranoid about this issue is outlined below:
1. All images were requested via "example.com/image.php?id=NUMBER"
2. Every time a page was requested, the images that were used in that
page were each assigned a RANDOM number which was stored in a database.
3. image.php used id to lookup which image to send in the database. If
the number wasn't there, a default image was passed in its place.
This got to be quite a load on the server, so I had later modified it to
do the following:
1. Every 6 hours, a script was fired (via cron) to read the images
directory. Each filename was assigned an id and stored in the database.
Each of the images were copied into a separate cache directory, saved as
their id.
2. image.php looked up the id from the database, and sent the image from
the cache directory if it existed.
This worked much better on the server. I don't have the files anymore as
the business (a photographer) has long gone out of business.
--
Justin Koivisto, ZCE - justin@koivi.com
http://koivi.com
|
|
|
|
|