Preventing Hotlinking...?? Preventing Hotlinking...??
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Preventing Hotlinking...??

Started by zoomingrocket, November 21, 2004, 10:02:25 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

zoomingrocket

I read the FAQ of coppermine and accordingly made the following .htaccess file:

SetEnvIfNoCase Referer "^http://www.domian.com/cpg/" locally_linked=1
SetEnvIfNoCase Referer "^http://domain.com/cpg" locally_linked=1
SetEnvIf Referer "^$" locally_linked=1
<FilesMatch "\.(gif|png|jpe?g)$">
 Order Allow,Deny
 Allow from env=locally_linked
</FilesMatch>

As per the instruction the file was uploaded to my albums folder!
Now the big problem is, all the thumbnails on the mail page are itself blocked!
I hovered my mouse and found that they are using full paths,
i.e. http://www.domain.com/cpg/albums/fil.jpg

How to modify so that CPG script uses the local reference, i.e. all img src should be local links, like: /cgp/albums/file.jpg ?? instead of the complete path?

Or is there some other way around to prevent hotlinking?

Note: Here 'domain' is the name of my website! And i am not disclosing so as to prevent any further hotlinking!!


REgards,
Zooom..!!

Joachim Müller

post the actual content of the .htaccess file with the actual domain name, so we can check.

Joachim

zoomingrocket

This is my exact .htaccess file in the albums folder


SetEnvIfNoCase Referer "^http://www.indianguitartabs.com/igtalbum"

locally_linked=1
SetEnvIfNoCase Referer "^http://indianguitartabs.com/igtalbum"

locally_linked=1
SetEnvIf Referer "^$" locally_linked=1
<FilesMatch "\.(gif|png|jpe?g)$">
 Order Allow,Deny
 Allow from env=locally_linked
</FilesMatch>


On the main page, when i hover my mouse, i see that it shows the complete link, i.e.
http://www.indianguitartabs.com/igtalbum/albums/file.jpg  in the <img src>, so tat means its not locally linking, so all the images goes blank!

Update: I have now added two common hacks for nohover and rightclick disable!!


REgards,
Zooom...!!

zoomingrocket


kegobeer

Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots