Three Ways to Allow Hotlinking in Specific Directories
Post #448 categorized as Function, last updated on Dec 2, 2007
Tagged with apache, hotlink, htaccess, mod_rewrite, security, tricks
After implementing any of the hotlink-prevention techniques described in our previous article, you may find it necessary to disable hotlink-protection for a specific directory. By default, htaccess rules apply to the directory in which it is located, as well as all subdirectories contained therein. There are (at least) three ways to enable selective hotlinking:
Place hotlink images in an alternate directory
This method works great if your hotlink-protection rules are located in a directory other than the site root. Simply create another directory outside of the directory containing the htaccess rules and place your hotlink-allowed images into that directory.
Create a pseudo-rewrite rule for the target directory
If your images are located within the influence of your hotlink-protection rules, and you need to enable hotlinking for a specific directory, it is possible to circumvent the anti-hotlink rewriting for that directory. In the htaccess file for the target directory, add the following, pseudo-rewrite rules 1:
# disable hotlink protection
RewriteEngine on
RewriteRule ^.*$ -Turn off the rewrite engine in the target directory
Ahh, the joys of simplicity. If neither of the previous methods seem appealing to you, perhaps the simple elegance of this effective method will inspire you: turn off the rewrite engine in the directory that houses your hotlink images. That’s it. Simply add the following line to your target directory’s htaccess file and enjoy immediate results:
# disable hotlink protection
RewriteEngine offAny one of these methods works fine, but disabling the RewriteEngine in the target directory is by far the most elegant solution.
What about enabling hotlink-protection in a specific directory? Read on, my friend..
Selectively protect files in a specific directory
Protecting the contents of a specific directory (as opposed to all directories) requires a simple addition to any of the anti-hotlinking measures presented in our previous article. If, say, you wanted to protect all files located in a directory called “private,” you would modify the RewriteRule as follows:
# protect all content in private directory and return a forbidden error
RewriteRule protected/(.*)$ - [F,NC,L]
..or, alternatively:
# protect all content in private directory and return a nasty image
RewriteRule protected/(.*)$ http://domain.tld/hotlink.jpg [R,NC,L]
In other words, prepend the name of the target directory to the list of protected file types, which in this example is all files, as represented by the wildcard expression ((.*)).
References
- 1 Shouts out to webpimps.com for this trick.
Share this..
Related articles
- Allow Google Reader to Access Hotlink-Protected Images
- Creating the Ultimate htaccess Anti-Hotlinking Strategy
- Major Problem with cPanel Hotlink Protection and htaccess
- Allow Feedburner Access to Hotlink-Protected Images
- Permanently Redirect a Specific IP Request for a Single Page via htaccess
- htaccess Combo Pack: WordPress Permalinks and non-www Redirect
- Eight Ways to Blacklist with Apache’s mod_rewrite
![[ Gravatar Icon ]](http://www.gravatar.com/avatar.php?gravatar_id=661b083b3ed2fcee6ce0fc1347a55d37&rating=PG&size=50&default=http%3A%2F%2Fperishablepress.com%2Fpress%2Fwp-content%2Fthemes%2Frequiem%2Fimages%2Fblank.png "Visit gravatar.com to get your own free Globally Recognized Avatar!"){kind=avatar}
![[ Gravatar Icon ]](http://www.gravatar.com/avatar.php?gravatar_id=55ab782317256ce3a9524f960dee2c7e&rating=PG&size=50&default=http%3A%2F%2Fperishablepress.com%2Fpress%2Fwp-content%2Fthemes%2Frequiem%2Fimages%2Fblank.png "Visit gravatar.com to get your own free Globally Recognized Avatar!"){kind=avatar}
#1 — Proximuz
Hi.
It’s there anyway to HotLink Protect my hole site, and just only allow one folder for hotlink. I like to use one folder that i store all my avatars and sigs to other forums.
It’s that possible?
Thanks.