Old 2005-03-28, 01:45 AM   #7
cd34
RewriteCond %{HTTP_REFERER} !^$

This is the rule that becomes the problem.

If you allow the empty referrer, the image can be seen by the smart fusker surfers. However, if you don't allow it, guys running privacy software cannot see your gallery page.

The problem with allowing the good is writing a regexp that can't be exploited easily. If we're lax on the URL specificity, they could simply insert google somewhere in their URL and then it makes the rule 10x more difficult to construct.

It becomes a real quandary.
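Added example, not part of cd34's post: a comparison of a lax referrer pattern with a host-anchored one, plus the empty-referrer switch the post describes. The site name example.com, the allowlist, and the sample Referer values are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Hypothetical allowlist: own site plus one search engine (assumption).
ALLOWED_HOSTS = ("example.com", "google.com")

# Lax pattern: true if "google" appears anywhere in the Referer.
LAX = re.compile(r"google", re.I)

# Anchored pattern: scheme, optional subdomains, exact host, then end of host.
# The same expression can be used as the pattern of a RewriteCond.
ANCHORED = re.compile(
    r"^https?://([a-z0-9-]+\.)*(example\.com|google\.com)(:\d+)?(/|$)", re.I
)

def allowed_by_regex(referer, pattern, allow_empty):
    """Return True if the image would be served for this Referer."""
    if referer == "":
        return allow_empty  # the trade-off: privacy software vs. direct fetches
    return pattern.search(referer) is not None

def allowed_by_host(referer, allow_empty):
    """Same decision, made on the parsed hostname instead of a regex."""
    if referer == "":
        return allow_empty
    host = (urlsplit(referer).hostname or "").lower()
    return any(host == h or host.endswith("." + h) for h in ALLOWED_HOSTS)

# Constructed sample Referer values.
SAMPLES = [
    "",
    "http://www.example.com/gallery/page1.html",
    "https://www.google.com/search?q=gallery",
    "http://fusker.invalid/list?google=1",
    "http://google.com.fusker.invalid/",
]

def decisions(allow_empty):
    """Rows of (referer, lax, anchored, host-parsed) decisions."""
    return [
        (r,
         allowed_by_regex(r, LAX, allow_empty),
         allowed_by_regex(r, ANCHORED, allow_empty),
         allowed_by_host(r, allow_empty))
        for r in SAMPLES
    ]

if __name__ == "__main__":
    for row in decisions(allow_empty=False):
        print(row)
```
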