Feature #984: error matching null http referrer - Lighttpd - lighty labs

Feature #984

<pre> --- 
 # deny access for all image stealers 
 $HTTP[[referer]] !~ "^($|http://www\.example\.org)" { 
   url.access-deny = ( ".jpg", ".jpeg", ".png" ) 
 } 
 </pre> --- 
 the intention of configuration above is to block hotlinking from other sites and NULL referrer, but user could still download the files with NULL http referrer. 
 e.g.  
 1. wget --referer="" http://www.example.org/test/1.png 
 2. wget http://www.example.org/test/1.png    
 generally default referrer is null, that means user can simply use browser/any http client to download files. 


 


 -- linlei

Back

Project

General

Profile

Lighttpd

Feature #984