1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Unmaintained Ultimate Hotlinking Protection

Use this generator to create a .htaccess file for hotlink protection of your images and pictures.

  1. DRE

    DRE Well-Known Member

  2. silence

    silence Well-Known Member

    No love for NginX?
  3. DRE

    DRE Well-Known Member

    I'm using nginx.

    As reverse proxy. :ROFLMAO:
  4. silence

    silence Well-Known Member

    I mean a NginX rewrite to prevent hotlinking?
  5. DRE

    DRE Well-Known Member

    silence likes this.
  6. silence

    silence Well-Known Member

  7. DRE

    DRE Well-Known Member

  8. The Forum Heroes

    The Forum Heroes Well-Known Member

  9. DRE

    DRE Well-Known Member

    Last edited: Sep 16, 2013
  10. Tracy Perry

    Tracy Perry Well-Known Member

    If you want simple (without the image showing) then you can do this
    location ~* (\.jpg|\.png|\.css|\.gif)$ {
        valid_referers blocked yoursite.com wwwyoursite.com *.google.com *.bing.com *.yahoo.com;
        if ($invalid_referer)  {
            return 405;
    You can add any additional extensions you need in the (\.jpg|\.png|\.css|\.gif) area.
    Last edited: Sep 16, 2013
    maszd likes this.
  11. Jaxel

    Jaxel Well-Known Member

    Is hotlink prevention even important anymore? Bandwidth is cheap as ****.
  12. DRE

    DRE Well-Known Member

    Check this out: http://webmasters.stackexchange.com...king-what-is-it-and-why-shouldnt-people-do-it

    I use MetaMirror http://xenforo.com/community/resources/metamirror.2117/

    Any external linked image you add to 8thos as a [ I M G ] bb code that is under 2MB gets automatically converted into an attachment just in case the image we linked to is deleted from the other site, moved, has a limited bandwidth or their server goes offline. "Cross-site scripting and phishing attacks may include inline links to a legitimate site to gain the confidence of a victim." MetaMirror is more secure in the fact that images are no longer hotlinked to the site.

    Another problem is copyright infringement issues. To prevent possible copyright infringement issues due to MetaMirror, I disabled images and videos are disabled in threads for Guests. This also helps with LinkRot: and this: http://en.wikipedia.org/wiki/Linkrot

    By disabling mages and Video Links are hidden from Guests in threads, some guests may be encouraged to register. It also helps avoid some copyright infringement takedown requests since guests can't see and it isn't indexed in search engines. Because images and videos in threads can't be seen, hopefully this may encourage members to create public albums and include images and video in their blogs since images and video can be shown there.

    Later I'll pay Borbole to make a Hide Images and Videos from guests by both a forum basis and usergroup basis but the basic addon will have to do for now.

    From that first site I linked:

    1. Aside from costing the owner in bandwidth, by hotlinking their files you may be undermining their revenue source. Many websites may depend on revenue from advertisements, and the said advertisements are usually not placed in the files themselves, but in the html page where the files are linked to or displayed (e.g. a software developer may depend on revenue from ads on their download page, but not on ads in the actual software). By bypassing the html page, you could also bypass advertisements, and thus, deprive them of revenue.

    2. It is considered especially rude to hotlink images or other embedded assets without crediting the author (which many people do). Not only are you plagiarizing their content, you are also doing so in a way that (may) use their resources and deprive them of revenue.
  13. craigiri

    craigiri Well-Known Member

    Any summary here if I use apache and want just one or two sites NOT to be able to hotlink to my XF images? Most .htaccess examples don't work because of the lack of a file extension on the XF attachments.

    Has anyone written out the rule based on the XF scheme?

    11-jpg.5634/, etc.?
  14. craigiri

    craigiri Well-Known Member

    I tried some basic Regex at the root directory .htaccess, but it seemed to mess up the whole site. I suspect because all urls are rewritten to XF (that is, no actual /xf/attachments/ directory exists), that the rule will have to be placed elsewhere??

    The Regex is something like this.....
    (/\w{4}/\w+/\w{3}\d+-\w{3}.\d+/) $ - [F]
  15. D.O.A.

    D.O.A. Well-Known Member

    Did you ever get it working?

    It's good with
    but brings issues with it with pretty URL's enabled.

    edit: oops sorry, you use apache.
  16. Mian Shahid

    Mian Shahid Well-Known Member

    I include this in my running .htaccess like
    <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteCond %{SERVER_PORT} 80
        RewriteRule ^(.*)$ https://www.itdarasgah.com/$1 [R,L]
        #    If you are having problems with the rewrite rules, remove the "#" from the
        #    line that begins "RewriteBase" below. You will also have to change the path
        #    of the rewrite to reflect the path to your XenForo installation.
        #RewriteBase /xenforo
        #    This line may be needed to enable WebDAV editing with PHP as a CGI.
        #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
        RewriteCond %{REQUEST_FILENAME} -f [OR]
        RewriteCond %{REQUEST_FILENAME} -l [OR]
        RewriteCond %{REQUEST_FILENAME} -d
        RewriteRule ^.*$ - [NC,L]
        RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
        RewriteRule ^.*$ index.php [NC,L]
            #    Ultimate Hotlinking Protection Begun.
            RewriteEngine on
            RewriteCond %{HTTP_REFERER} !^$
            RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?itdarasgah.com [NC]
            RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
            RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.com [NC]
            RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yahoo.com [NC]
            RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?facebook.com [NC]
            RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?twitter.com [NC]
            RewriteRule \.(jpg|jpeg|png|gif|bmp|tiff|pic|mp3|doc|xls|mpeg|mpg|ram|rm|wma|wav|asx|wmv|avi|swf|mov|zip|rar|exe)$ http://i41.tinypic.com/2wq73lx.jpg [NC,R,L]
            #    Ultimate Hotlinking Protection Ends.
    but looks like not working :)

Share This Page