Code, Computers & Random Junk

A Couple of .htaccess Tricks

.htaccess …that mighty powerful server file we all love so much. Here’s a couple of unfriendly trix to keep away the worst ones.

Anti Hot-Linking

In addition to a normal anti-hotlink-script where you allow certain sites to link to your images, files - you can make it the other way, list a few sites you don’t want to link to your stuff. A normal way to do that would be to throw them another picture och just prevent them, and they get that missing file icon instead.

A more evil, but very efficiant way to make them stop, is to throw everything back.

# Send them back again...
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(www.)?subdomain\.domain\.com(/)?.*$ [NC]
RewriteRule ^(.*)$ %{HTTP_REFERER} [R=permanent,L]

Or something like that… ;) Since we send them back to %{HTTP_REFERER} - that will include any links, including queries etc.

So, instead of just showing them nothing or another image - you send them back to where they came from - wich is the page with the stolen image and it will send them back again… Guess that’d make them stop stealing the images (…or anything).

Redirect the user back to his/her employers website

This one is quite useful if you know your visitors that much you know where they work and their habits. For example… If you know a person stalking your site or forum 3-4hrs during nights on payed worktime, even if they’re not allowed to browse privately.

So, in this dummy example we use the IP range - wich is their works IP, and is their website.

RewriteEngine On
RewriteCond %{REMOTE_HOST} ^xxx\.xxx\.x19 [OR]
RewriteCond %{REMOTE_HOST} ^xxx\.xxx\.x2[0-6] [OR]
RewriteCond %{REMOTE_ADDR} ^xxx\.xxx\.x19 [OR]
RewriteCond %{REMOTE_ADDR} ^xxx\.xxx\.x2[0-6] [OR]
RewriteRule ^(.*)$ [R=301,L]

The result is very efficiant. When they browse your site they’ll get to their works website instead. They would most likely wonder “-WTF just happened?” …and, they can’t just run over to the IT department to complain, since they’re not supposed to browse the internet privately, right? Hah! ^^

Ok, don’t miss-use this now.