Project

General

Profile

Actions

Bug #1481

closed

Hotlinking protection with $HTTP["referer"] not working

Added by Anonymous about 17 years ago. Updated about 16 years ago.

Status:
Invalid
Priority:
Urgent
Category:
mod_rewrite
Target version:
ASK QUESTIONS IN Forums:

Description

Hello All,

I tried to hotlink protect a lighthttpd server with the following rule. When I give this rule, no one can access the site images or videos directly. But issue is that the site example.com (which is on a different server) also cannot access the site. Example.com uses the lighty server to stream the audios and videos.

=======================================================

$HTTP["referer"] != "^($|(ftp|http)://(.*?\.)?.example\.com)" {
url.access-deny = ( ".jpg", ".jpeg", ".png", ".wmv", ".avi", ".mpeg", ".mpg", ".gif", ".mp3", ".mp4", ".mov", ".wma", ".iso" )
}

h55. tried without ftp also, $|http://(.*?\.)?.example\.com

$HTTPreferer != "^http://www\.example\.com)" {
url.access-deny = ( ".jpg", ".jpeg", ".png", ".wmv", ".avi", ".mpeg", ".mpg", ".gif", ".mp3", ".mp4", ".mov", ".wma", ".iso" )
}

h55. When I used the following rule and added the remoteip rule, the streaming does not work.

$HTTPremoteip !~ "example.com_server_IP" {
$HTTPurl =~ "^/" {
url.access-deny = ( ".jpg", ".jpeg", ".png", ".wmv", ".avi", ".mpeg", ".mpg", ".gif", ".mp3", ".mp4", ".mov", ".wma", ".iso" )
}
}

=======================================================

Please help me or advice what I am doing wrong.

-- Davidjango

Actions #1

Updated by Anonymous about 17 years ago

Try a regex like.. ^($|(ftp|http)://(.*?\.)?example\.com)

Note the lack of a . before example.com (this will allow example.com without any subdomain - yours didn't) and the ^ at the beginning. If that doesn't work, ask in #lighttpd on irc.freenode.net or such. The bugtracker is not a help system ;)

Actions #2

Updated by stbuehler almost 17 years ago

  • Status changed from New to Fixed
  • Resolution set to invalid
Actions #3

Updated by stbuehler about 16 years ago

  • Status changed from Fixed to Invalid
Actions

Also available in: Atom