PHP code for anti hotlinking
Image hotlinking is usually detected by referer, but it won't work when:
- user has turned off referer sending in his browser (I have this for privacy purposes)
- page is viewed via HTTPS (browser shouldn't send referer data).
You'll block your actual users from viewing images.
Consider using sessions / cookies when dealing with this problem. You'll have to pass every image via php script then.
Preventing hotlinking by image resolution with .htaccess and PHP?
Hotlink detection is often based on checking the referer (sic!).
You could easily add a filesize check in your delivering php script:
if (filesize(FILENAME) > 30*1024*1024) {
if ($_SERVER['HTTP_REFERER'] != '' && strpos($_SERVER['HTTP_REFERER'],'http://www.yourdomain.com/')===0) {
header("Status: 500);
echo "Hotlinking not allowed";
exit(0);
}
}
See PHP code for anti hotlinking, there are also some other examples which use Cookies (i.e., a php session to check if a user is authorized to view a picture).
Hotlinking protection, however, always has some possible limitations: Not all clients are sending http referers (sic!), especially on https those are often missing, and not all clients are accepting cookies.
.htaccess anti-hotlinking for one specific folder
Have you tried this in your root's .htaccess?
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://mywebsite.com/my-uploads/my-directory.*$ [NC]
RewriteRule \.(pdf|doc|docx|odt|rtf|txt)$ [R=302,L]
</IfModule>
Else, you can always add specific rules in an individual .htaccess inside that folder.
Prevent hotlinking from harassing domain by showing an image or iframe? .htaccess
You might consider the following? :
http://www.cyberciti.biz/faq/apache-mod_rewrite-hot-linking-images-leeching-howto/
http://underscorebleach.net/jotsheet/2004/11/stop-image-hotlinking-tutorial-htaccess-apache
http://altlab.com/htaccess_tutorial.html
-or-
http://bit.ly/ImCQOa
Related Topics
How to Remove All Numbers from String
Codeigniter: How to Do a Select (Distinct Fieldname) MySQL Query
Curl File Uploads Not Working Anymore After Upgrade from PHP 5.5 to 5.6
How to Get the Home Directory from a PHP Cli Script
How to Convert a String to an Array in PHP
Flat PHP Array to Hierarchy Tree
Cannot Start Session Without Errors in PHPmyadmin
How to Specify Multiple Return Types on PHP 7
Troubleshooting "The Use Statement with Non-Compound Name ... Has No Effect"
"Web Interface" to PHPunit Tests
Change Woocommerce Default Password Security Level
PHP Difference Between Notice and Warning
How Download Big File Using PHP (Low Memory Usage)
Alternative to File_Get_Contents
How to Clear PHP's Gettext Cache Without Restart Apache Nor Change Domain