Three Ways to Allow Hotlinking in Specific Directories
After implementing any of the hotlink-prevention techniques described in our previous article, you may find it necessary to disable hotlink-protection for a specific directory. By default, htaccess rules apply to the directory in which it is located, as well as all subdirectories contained therein. There are (at least) three ways to enable selective hotlinking:
Place hotlink images in an alternate directory
This method works great if your hotlink-protection rules are located in a directory other than the site root. Simply create another directory outside of the directory containing the htaccess rules and place your hotlink-allowed images into that directory.
Create a pseudo-rewrite rule for the target directory
If your images are located within the influence of your hotlink-protection rules, and you need to enable hotlinking for a specific directory, it is possible to circumvent the anti-hotlink rewriting for that directory. In the htaccess file for the target directory, add the following, pseudo-rewrite rules 1:
# disable hotlink protection
RewriteEngine on
RewriteRule ^.*$ -Turn off the rewrite engine in the target directory
Ahh, the joys of simplicity. If neither of the previous methods seem appealing to you, perhaps the simple elegance of this effective method will inspire you: turn off the rewrite engine in the directory that houses your hotlink images. That’s it. Simply add the following line to your target directory’s htaccess file and enjoy immediate results:
# disable hotlink protection
RewriteEngine offAny one of these methods works fine, but disabling the RewriteEngine in the target directory is by far the most elegant solution.
What about enabling hotlink-protection in a specific directory? Read on, my friend..
Selectively protect files in a specific directory
Protecting the contents of a specific directory (as opposed to all directories) requires a simple addition to any of the anti-hotlinking measures presented in our previous article. If, say, you wanted to protect all files located in a directory called “private,” you would modify the RewriteRule as follows:
# protect all content in private directory and return a forbidden error
RewriteRule protected/(.*)$ - [F,NC,L]
..or, alternatively:
# protect all content in private directory and return a nasty image
RewriteRule protected/(.*)$ http://domain.tld/hotlink.jpg [R,NC,L]
In other words, prepend the name of the target directory to the list of protected file types, which in this example is all files, as represented by the wildcard expression ((.*)).
References
- 1 Shouts out to webpimps.com for this trick.
Related articles
- Ultimate htaccess Blacklist 2 (Compressed Version)
- Creating the Ultimate htaccess Anti-Hotlinking Strategy
- Stupid htaccess Trick: Enable File or Directory Access to Your Password-Protected Site
- Stupid htaccess Tricks
- Stop Bitacle from Stealing Content
- Block Spam by Denying Access to No-Referrer Requests
- Ultimate htaccess Blacklist
About this article
This is article #448, posted by Perishable on Wednesday, November 28, 2007 @ 10:19am. Categorized as Function, and tagged with apache, hotlink, htaccess, mod_rewrite, security, tricks. Updated on December 02, 2007. Visited 13764 times. 2 Responses »
Bookmark • Trackback • Comment • Subscribe • Explore
« RefreshMints: Refresh Stats Bookmarklets for Mint 2 • Up • Temporary Site Downtime »
1 • January 21, 2008 at 5:02 am — Proximuz says:
Hi.
It’s there anyway to HotLink Protect my hole site, and just only allow one folder for hotlink. I like to use one folder that i store all my avatars and sigs to other forums.
It’s that possible?
Thanks.