Prevent Image Hot Linking on Zeus Web Servers
A client asked me to do so work on their website to prevent people from hot linking their images, as they were using up most of their bandwidth allowance and had just been dealt a hefty bill, for extra bandwidth used.
Straight away, I said no problem. 2-3 lines in your .htaccess file should do it. WRONG!!. Their host was using a Zeus webserver, and although it does implement some of Apache’s .htaccess directives, its rewrite rules are totally different.
I started scouring the internet, for apache to zeus converters, but the ones I did find and use didn’t seem to work. I finally had to bite the bullet and learn how to do rewrite rules with zeus.
By default, Zeus rewrite rules are added to a rules section in the Zeus web admin control panel. My client was using shared hosting so I had no access to this control panel. Luckily their hosts did have a setup that allows you to add a script to the web root, which will get read just like an .htaccess file does. This script is usually called rewrite.script.
Below is a copy of the rewrite script I wrote for them to prevent people hot linking their images. Just replace the “yourdomain” section with your own domain. Also this rule is only preventing hot links to gifs and jpegs, to prevent more add them to the line beneath the comment “# Match image urls”
RULE_0_START:
# Match image urls
match URL into $ with \.(gif|jpe?g)$
# If its not an image then skip the rules
if not matched then goto RULE_0_END
# Save the referer
set SCRATCH:COND = %{IN:Referer}
# Check the referer is not empty
match SCRATCH:COND into % with .
# If it is empy skip rules
if not matched then goto RULE_0_END
# Save the referer again
set SCRATCH:COND = %{IN:Referer}
# check it matches this domain
match SCRATCH:COND into % with ^http://(www\.)?yourdomain\.com/
if matched then goto RULE_0_END
set RESPONSE = 403
set BODY = Access to this page is denied
goto END
RULE_0_END:
I have sinced used this script on several other sites with 100% success.
December 13th, 2008 at 1:57 pm
Nice.
1. Why do you save the referrer twice?
2. Does this fail if the referrer is faked?
May 5th, 2011 at 7:21 pm
I appreciate all you have revealed this subject here but would you like to please develop further on your thoughts in the second and third paragraph.
May 24th, 2011 at 12:52 am
This is intriguing. I found the details you talked about very useful. Make sure you continue the nice work; I undoubtedly will come back to read a lot more in the future.
May 29th, 2011 at 12:05 am
June 13th, 2011 at 12:19 am
Spot on keeping this write-up, I actually believe this website needs far more consideration. I’ll the likely reality is be again in order to read rather additional, thanks for in which info.
June 13th, 2011 at 7:53 am
I have built a blog and I was thinking of changing the template.Yours looks pretty decent! Feel free to visit my blog and suggest things!
June 15th, 2011 at 4:07 pm
An interesting discussion is worth comment. I think that you should write more on this topic,
it might not be a taboo subject but generally people are not enough to speak on such topics. To the next. Cheers