dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 06 October 2009 at 2:52pm
I currently have purchased isapi rewrite. I am
considering hotlinkblocker for this purpose: I want to
prevent anyone from viewing or copying image (JPG etc)
files from my image directory. Currently my rewrite maps
http://www.example.com/image-4444-12.jpg to another
correct file in my image directory with 4444 being $1 and
12 being $2. (This is great because also it shortens the
URL and I can keep the JPGs in a deep complex structure).
So now anyone anywhere can type
http://www.example.com/image-4444-12.jpg into their
browser and save and steal my image.
1) Can hotlinkblocker prevent access (stealing)? What
would the user see if they type in that URL to the
browser? But, the images would correctly be displayed in
the correct positions in the IMG tags of the HTML pages
generated by the ASP - right?
2) Can it interoperate with isapi rewrite?
3) Would I configure HLB on the true files or on the
rewrite rules?
4) I have seen a rule that allows only PHP and HTML
access, would that be the same as ASP HTM and HTML?
5) Any way to prevent them from leeching text?
Thank you.
__________________ Dezok
www.beachhouse.com

Anton Admin Group
Joined: 30 January 2007 Location: Ukraine
Online Status: Offline Posts: 10487
Posted: 07 October 2009 at 5:42am
1) Yes, it can. The user will get either 403 Forbidden or the custom page you indicate. IMG tags of the HTML pages generated by the ASP will be displayed fine on the site with HLB on it.
2) Yes, it can.
3) HLB deals with virtual paths, so it doesn't matter for it what URLs to protect.
4) Could you please clarify the question?
5) Yes, it's possible in the same way as images/video/etc.
Could you please tell us what protection type you are thinking of using?
We recommend the LINK type as the most reliable.
__________________ Regards,
Anton

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 07 October 2009 at 1:16pm
I am a bit hesitant to use LINK with the 16 'x's, it
would affect too much code and that could introduce bugs.
This is the rule:
REFERER @(?!.*\.(?:asp|html|htm|rss|php?)).* http://www.mysite.com/leech.htm
Would that work just fine?
Or should I use
REFERER /db/h/images http://www.mysite.com/leech.htm
Is that cleaner?
__________________ Dezok
www.beachhouse.com

Anton Admin Group
Joined: 30 January 2007 Location: Ukraine
Online Status: Offline Posts: 10487
Posted: 08 October 2009 at 5:53am
If you are thinking of using Referer type of protection, there's actually no need to use HotlinkBlocker.
You can do it in ISAPI_Rewrite using the following rule:
RewriteRule ^(?!.*\.(?:asp|html|htm|rss|php)).*$ http://www.mysite.com/leech.htm [NC,R=301,L]
__________________ Regards,
Anton

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 08 October 2009 at 12:39pm
Aha thanks!
What would be the positive version of that rule which would
address images? jpg|gif|png|bmp

Anton Admin Group
Joined: 30 January 2007 Location: Ukraine
Online Status: Offline Posts: 10487
Posted: 09 October 2009 at 4:00am
It will be like this:
RewriteCond %{HTTP:Host}#%{HTTP:Referer} ^([^#]+)#(?!http://\1).+
RewriteRule .*\.(?:gif|jpg|png|bmp) /block.gif [NC]
__________________ Regards,
Anton

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 09 October 2009 at 3:01pm
Thank you!
That looks pretty complex, can you explain it in English (especially the RewriteCond) in case I want to modify parts?

Anton Admin Group
Joined: 30 January 2007 Location: Ukraine
Online Status: Offline Posts: 10487
Posted: 12 October 2009 at 5:01am
Ok, the RewriteCond means: if Host and Referer headers are not obtained from the same site (which is the case with hotlinking), execute the rule (i.e. block images).
__________________ Regards,
Anton
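
The RewriteCond explained in the post above can be checked offline. This is an added example, not code from the thread or from ISAPI_Rewrite itself: it replays the posted condition and rule pattern in Python against constructed Host/Referer pairs, assuming a missing Referer header expands to an empty string and that the rule pattern is matched unanchored, as in Apache mod_rewrite.

```python
import re

# Condition and rule pattern copied from the thread.
COND = re.compile(r"^([^#]+)#(?!http://\1).+")
RULE = re.compile(r".*\.(?:gif|jpg|png|bmp)", re.IGNORECASE)  # [NC] flag


def is_blocked(host, referer, path):
    """Return True when the request would be rewritten to /block.gif.

    Assumptions (not confirmed by the thread): an absent Referer expands
    to "", and the RewriteRule pattern is an unanchored search.
    """
    # Mirrors the test string %{HTTP:Host}#%{HTTP:Referer}
    test_string = f"{host}#{referer or ''}"
    return bool(RULE.search(path)) and bool(COND.search(test_string))


# Constructed sample requests: (Host header, Referer header, URL path)
IMAGE = "/image-4444-12.jpg"
SAMPLES = {
    "same-site page": ("www.example.com", "http://www.example.com/page.asp", IMAGE),
    "hotlink": ("www.example.com", "http://other.example.net/blog.html", IMAGE),
    "no referer": ("www.example.com", None, IMAGE),
    "same-site https": ("www.example.com", "https://www.example.com/page.asp", IMAGE),
    "non-image": ("www.example.com", "http://other.example.net/blog.html", "/page.asp"),
}


def evaluate_samples():
    """Map each constructed sample name to its blocked/served decision."""
    return {name: is_blocked(*request) for name, request in SAMPLES.items()}


if __name__ == "__main__":
    for name, blocked in evaluate_samples().items():
        print(f"{name:16} -> {'/block.gif' if blocked else 'served'}")
```

Two outcomes matter when relying on this rule: a request that carries no Referer does not satisfy the condition and is served, and a same-site page loaded over https is treated as a hotlink because the lookahead only accepts `http://`.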

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 14 October 2009 at 4:47pm
One more question: if I just wanted to block my /images directory would the rule be:
RewriteCond %{HTTP:Host}#%{HTTP:Referer} ^([^#]+)#(?!http://\1).+
RewriteRule /images/.*\.(?:gif|jpg|png|bmp) /block.gif [NC]
(wondering about the "/images/.*\." part, or should it be just "/images/*\." )
and to extend this some more for /images/*/c/*.jpg would it be:
RewriteRule /images/*/c/.*\.(?:gif|jpg|png|bmp) /block.gif [NC]
__________________ Dezok
www.beachhouse.com

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 14 October 2009 at 6:50pm
I am using this rule to test:
RewriteCond %{HTTP:Host}#%{HTTP:Referer} ^([^#]+)#(?!http://\1).+
RewriteRule /db/h/17137/c300/.*\.(?:gif|jpg|png|bmp) /logo.jpg [NC]
and it does not seem to protect:
http://www.beachhouse.com/db/h/17137/c300/pic1.jpg
__________________ Dezok
www.beachhouse.com

Anton Admin Group
Joined: 30 January 2007 Location: Ukraine
Online Status: Offline Posts: 10487
Posted: 15 October 2009 at 5:36am
Could you please provide rewrite log records for the request to http://www.beachhouse.com/db/h/17137/c300/pic1.jpg with this config in place:
RewriteCond %{HTTP:Host}#%{HTTP:Referer} ^([^#]+)#(?!http://\1).+
RewriteRule /db/h/17137/c300/.*\.(?:gif|jpg|png|bmp) /logo.jpg [NC]
__________________ Regards,
Anton

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 15 October 2009 at 1:55pm
2009-10-15 18:24:59 GET /db/h/17137/c300/pic1.jpg - - 99.26.220.233 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.2;+en-US)+AppleWebKit/532.0+(KHTML,+like+Gecko)+Chrome/3.0.195.25+Safari/532.0 - 304 213
That is the IIS log record.
Is there another log for ISAPI?
__________________ Dezok
www.beachhouse.com

Anton Admin Group
Joined: 30 January 2007 Location: Ukraine
Online Status: Offline Posts: 10487
Posted: 16 October 2009 at 9:10am
Yes, there's an ISAPI_Rewrite rewrite log. Please read our FAQ to find out how to enable it.
__________________ Regards,
Anton

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 16 October 2009 at 12:27pm
I have isapi rewrite 2.11 which does not have that directive.

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 16 October 2009 at 12:44pm
Also, is there a newer version of v2 that I should be running?
And, if I upgrade to v3, are the rules backward compatible?
I don't have many complex rules but each of the ones I have is crucial.

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 16 October 2009 at 2:16pm
OK, I spent some time reviewing your products and I am considering an upgrade to v3. I really cannot recall if I have the lite version or bought full v2 (I think I bought it), since I have been using it since 2005. Can you help me decide if I should buy the upgrade for $29 or the full v3 for $99?
1) It has been a while since I installed v2.11, how do I tell where the license is and what it is? Or do I just go with v2.13?
2) Is the upgrade install seamless? Or do I uninstall the v2.11 first, and how to do that?
3) I could provide you with my httpd.ini file, I would like to test it somewhere first, rather than do a hot install and then have to scramble to fix any errors.
Thank you

Anton Admin Group
Joined: 30 January 2007 Location: Ukraine
Online Status: Offline Posts: 10487
Posted: 19 October 2009 at 10:35am
If you have the Full v2 version (you may check it by pressing the About button), you may buy an upgrade for $29.
To upgrade you need to uninstall v2 and install v3.
The syntax for v2 and v3 is slightly different, so I can transform your rules for v3 if you provide them.
__________________ Regards,
Anton

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 19 October 2009 at 1:20pm
Do you have a support email address where I can continue this discussion and send my file to you?

dezok Newbie
Joined: 08 December 2004 Location: United States
Online Status: Offline Posts: 19
Posted: 19 October 2009 at 1:26pm
Also, I did not see an About button anywhere.