Greenguy's Board - View Single Post

dgraf · 2004-08-11, 08:18 AM

All the rules are trickable as they are shown here and almost everywhere on the web. Always terminate the condition line by something like this --

Code:

	(/|\?|$)

Example --

Code:

RewriteCond %{HTTP_REFERER} !^(wy[sc]iwyg://[0-9]*/)?http(s)?://YOUR_SITE_IP(/|\?|$) [NC]

Otherwise the referer can by tricked by passing referer like this one -
http://www.yourdomain.com.my-evil-hotlinkingdomain.com

It is not a problem to setup a vhost which will fit your regexp needs and this mistake is the worse since it is highly predictable.

Another good idea should be allowing access to pictures from image searches and probably from local stored pages too.

Code:

# Allow Saved Pages
RewriteCond     %{HTTP_REFERER} !^file://.*$                                    [NC]

# Search Engines
RewriteCond     %{HTTP_REFERER} !^http://([^/]*\.)?google\.(.{2}\.)?.{2,3}/.*$  [NC]
RewriteCond     %{HTTP_REFERER} !^http://([^/]*\.)?yahoo\.(.){2,3}/.*$          [NC]
RewriteCond     %{HTTP_REFERER} !^http://216\.239\.59\.104/.*$                  [NC]
RewriteCond     %{HTTP_REFERER} !^http://64\.233\.161\.104/.*$                  [NC]
RewriteCond     %{HTTP_REFERER} !^http://66\.102\.7\.104/.*$                    [NC]
RewriteCond     %{HTTP_REFERER} !^http://64\.233\.167\.104/.*$                  [NC]
RewriteCond     %{HTTP_REFERER} !^http://216\.239\.41\.104/.*$                  [NC]
RewriteCond     %{HTTP_REFERER} !^http://216\.239\.39\.104/.*$                  [NC]

(just example without editing)

Oh my god I did it! My first post here ...

(edited to add the code tags)

2004-08-11, 08:18 AM	#3
dgraf If something goes wrong at the plant, blame the guy who can't speak English Join Date: Jul 2004 Posts: 30	All the rules are trickable as they are shown here and almost everywhere on the web. Always terminate the condition line by something like this -- Code: (/\|\?\|$) Example -- Code: RewriteCond %{HTTP_REFERER} !^(wy[sc]iwyg://[0-9]/)?http(s)?://YOUR_SITE_IP(/\|\?\|$) [NC] Otherwise the referer can by tricked by passing referer like this one - http://www.yourdomain.com.my-evil-hotlinkingdomain.com It is not a problem to setup a vhost which will fit your regexp needs and this mistake is the worse since it is highly predictable. Another good idea should be allowing access to pictures from image searches and probably from local stored pages too. Code: # Allow Saved Pages RewriteCond %{HTTP_REFERER} !^file://.$ [NC] # Search Engines RewriteCond %{HTTP_REFERER} !^http://([^/]\.)?google\.(.{2}\.)?.{2,3}/.$ [NC] RewriteCond %{HTTP_REFERER} !^http://([^/]\.)?yahoo\.(.){2,3}/.$ [NC] RewriteCond %{HTTP_REFERER} !^http://216\.239\.59\.104/.$ [NC] RewriteCond %{HTTP_REFERER} !^http://64\.233\.161\.104/.$ [NC] RewriteCond %{HTTP_REFERER} !^http://66\.102\.7\.104/.$ [NC] RewriteCond %{HTTP_REFERER} !^http://64\.233\.167\.104/.$ [NC] RewriteCond %{HTTP_REFERER} !^http://216\.239\.41\.104/.$ [NC] RewriteCond %{HTTP_REFERER} !^http://216\.239\.39\.104/.$ [NC] (just example without editing) Oh my god I did it! My first post here ... (edited to add the code tags) __________________ Bright Porn \| Webmasters \| Free Galleries \| List of Sponsors \| Traffic Trades Last edited by dgraf; 2004-08-11 at 08:23 AM..