Hotlink Protection Do Not Block Google, Bing or Yahoo

Home Forums BulletProof Security Pro Hotlink Protection Do Not Block Google, Bing or Yahoo

This topic contains 3 replies, has 2 voices, and was last updated by Avatar of AITpro Admin AITpro Admin 5 months ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #8502 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of AITpro Admin
    AITpro Admin
    Keymaster

    Hotlink protection, but do not block Google, Bing and Yahoo from retrieving images.

    1. Add this code and any other blocking or redirect custom .htaccess code to this Custom Code text box: CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE: Add miscellaneous code here

    2. Click the Save Root Custom Code button.

    3. Go to the Security Modes page, click the Create secure.htaccess File AutoMagic button and activate root folder BulletProof Mode again.

    Replace the ait-pro.com domain with your actual domain name.  Replace the Server IP Address with your actual Server IP Address

    SetEnvIfNoCase Referer "^(http|https)://www\.ait-pro\.com$" whitelist
    SetEnvIfNoCase Referer "^(http|https)://.*google.*" whitelist
    SetEnvIfNoCase Referer "^(http|https)://.*yahoo.*" whitelist
    SetEnvIfNoCase Referer "^(http|https)://.*bing.*" whitelist
    
    <FilesMatch "\.(gif|jpg|jpeg|png|bmp)$">
    Order Allow,Deny
    Allow from env=whitelist
    # Add Your Server IP Address
    Allow from 173.201.92.1
    </FilesMatch>

     

    • This topic was modified 3 weeks, 5 days ago by Avatar of AITpro Admin AITpro Admin.
    #9808 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of AITpro Admin
    AITpro Admin
    Keymaster

    If you have an image or images that you do not want to allow HotLinking for these specific images (including Google, Yahoo and Bing) then this code will protect individual images from being HotLinked.  This code can be used together with the Google, Yahoo, Bing safe HotLink Protection code.

    Replace the ait-pro.com domain with your actual domain name.  Replace the Server IP Address with your actual Server IP Address.  Add you actual image file names in the FilesMatch section of code.

    # HotLink Protection for individual images
    SetEnvIfNoCase Referer "^(http|https)://www\.ait-pro\.com$" whitelist-special
    
    <FilesMatch "(example-image-name-1\.png|example-image-name-2\.png|example-image-name-3\.png)$">
    Order Allow,Deny
    Allow from env=whitelist-special
    # Add Your Server IP Address
    Allow from 173.201.92.1
    </FilesMatch>
    #11095 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of James
    James
    Participant

    Thanks for this, very useful.  Could I just confirm a few details with regards to the correct code and formatting please?

    If I have a .com and .co.uk version of the same domain, is it better to use:

    SetEnvIfNoCase Referer "^(http|https)://www\.mydomain\.com$" whitelist
    SetEnvIfNoCase Referer "^(http|https)://www\.mydomain\.co.uk$" whitelist

    or maybe:

    SetEnvIfNoCase Referer "^(http|https)://.*mydomain.*" whitelist

    Also, for the server address white listing line, is the dollar sign at the end of the server address a wildcard term?  Do I understand correctly that I don’t need to enter the full 3 digits of the last part of the server address, just the first digit followed by the $?  So if my server address is 123.123.123.123 then should the line read:

    SetEnvIf Server_Addr "^123\.123\.123\.1$" whitelist

    or

    SetEnvIf Server_Addr "^123\.123\.123\.123$" whitelist

    Many thanks, James

    #11097 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of AITpro Admin
    AITpro Admin
    Keymaster

    Yep, if both the .com and .co.uk websites are sharing image files then using Regular Expressions code .* match anything – works fine.  If the 2 websites are not sharing image files then this is not necessary to do.  If each website is only using/displaying image files on its own site then you would not need to create this type of rule with Regular Expressions code.

    SetEnvIfNoCase Referer "^(http|https)://.*mydomain.*" whitelist

    In this particular case/usage the caret ^ means the start of the condition/rule and the dollar sign $ means the end of the condition/rule.

    If you wanted to use Regular Expressions code to match any number from 0 to 9 with 1 to 3 characters in the 4th octet of the IP address.  This is just an example and is not necessary because your Server/website IP address is static and will not change, unless of course you moved to another Server or Host.

    Note:  This was referring to older code that was actually a mistake and has now been changed and corrected above.

    SetEnvIf Server_Addr "^99\.88\.77\.[0-9]{1,3}$" whitelist
Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.