Blocking Traffic- and Picture-Thieves

Ralf-Schlieper

Joined: 2005-09-25
Posts: 16

Posted: Wed, 2006-09-20 06:47

How can I block external Links on my Gallery-photos like this one:

http://3puma.de.tl/WASSER.htm
-> he copies this link:
http://www.fotogemeinschaft.de/d/40188-1/Wasser-14.jpg

Is it possible (and does it help) to change the .htaccess like this (NEW: Last 6 lines with: 'HTTP_REFERER'...:

--------------
ErrorDocument 300 /
ErrorDocument 404 /
# BEGIN Url Rewrite section
# (Automatically generated. Do not edit this section)
<IfModule mod_rewrite.c>
RewriteEngine On

RewriteBase /

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d [OR]
RewriteCond %{REQUEST_FILENAME} gallery\_remote2\.php
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . - [L]

RewriteCond %{THE_REQUEST} \ /sitemap(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=sitemap.Sitemap [QSA,L]

RewriteCond %{THE_REQUEST} \ /d/([0-9]+)-([0-9]+)/([^\/\?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=core.DownloadItem&g2_itemId=%1&g2_serialNumber=%2&g2_fileName=%3 [QSA,L]

RewriteCond %{THE_REQUEST} \ /v/([^?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=core.ShowItem&g2_path=%1 [QSA,L]

RewriteCond %{THE_REQUEST} \ /([^?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=rewrite.FileNotFound [QSA,L]

# NEW NEW NEW - Lines against traffic-thieves...:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://fotogemeinschaft.de.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://photogemeinschaft.de.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.fotogemeinschaft.de.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.photogemeinschaft.de.*$ [NC]
RewriteRule /* http://www.fotogemeinschaft.de/image/logo.gif [R,L]

</IfModule>

# END Url Rewrite section
--------------

Gallery-Version = 2.1.0- Kern 1.0.20
PHP-Version = 4.4.4 cgi
Webserver = Apache/1.3.37 (Unix)
Datenbank = mysql 4.0.25-standard
Werkzeuge = Gd, NetPBM, Exif, Thumbnail, ArchiveUpload
Betriebssystem = Linux infong 2.4 #1 SMP Thu Jan 13 08:59:31 CET 2005 i686 unknown
Browser = Mozilla/5.0 (Windows; U; Windows NT 5.1; de-AT; rv:1.8.0.7) Gecko/20060910 SeaMonkey/1.0.5

Thanks
Ralf

Please visit my gallery if you are interested in good B/W-photos:
http://www.fotogemeinschaft.de

Login or register to post comments

bharat

Joined: 2002-05-21
Posts: 5649

Posted: Wed, 2006-09-20 09:52

You're modifying lines inside a block marked:

# BEGIN Url Rewrite section
# (Automatically generated. Do not edit this section)

-- this is not a good idea! For safety, put any changes you make outside of that block else Gallery may choke on or delete your changes.

To block hotlinkers, try Site Admin -> URL Rewrite and then click the checkbox next to "Block hotlinked items". That should update your .htaccess file with the right rules.

Login or register to post comments

Ralf-Schlieper

Joined: 2005-09-25
Posts: 16

Posted: Wed, 2006-09-20 10:34

bharat wrote:

You're modifying lines inside a block marked:
# BEGIN Url Rewrite section
# (Automatically generated. Do not edit this section)
-- this is not a good idea! For safety, put any changes you make outside of that block else Gallery may choke on or delete your changes.

To block hotlinkers, try Site Admin -> URL Rewrite and then click the checkbox next to "Block hotlinked items". That should update your .htaccess file with the right rules.

++++++++++++++

Thanks a lot bharat.

This is the solution for the thieves (;-)

But after this modification my other 10 Domains don't show any photos, when I DON't configure them as pure redirected URLS

I have 11 domains, which should be allowed to show the photos also as SEPARATE websites (up to now I have configured ALL domais as redirections to www.fotogemeinschaft.de)

http://www.fotogemeinschaft.de
http://www.fotogemeinschaft.eu
http://www.fotogemeinschaft.at
http://www.fotogemeinschaft.com
http://www.fotogemeinschaft.info
http://www.fotogemeinschaft.net
http://www.photogemeinschaft.de
http://www.world-family.de
http://www.world-family.info
http://www.with-open-eyes.de
http://www.with-open-eyes.info

But in the new (automatically added) rewrite rule there is only ONE domain 'www.fotogemeinschaft.de':

----------------
RewriteCond %{QUERY_STRING} view=core.DownloadItem
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule . /main.php? [F,L]
-------------------

Ralf

Please visit my gallery if you are interested in good B/W-photos:
http://www.fotogemeinschaft.de

Login or register to post comments

bharat

Joined: 2002-05-21
Posts: 5649

Posted: Wed, 2006-09-20 18:26

Hm, yes I see what you mean. G2 doesn't know about all the various domains that you're using to access your photos. Ok, here's what you can do. Turn off that rule in Site Admin -> URL Rewrite. Then edit your .htaccess file and *above* the gallery "don't modify this" block, add these lines:

RewriteCond %{QUERY_STRING} view=core.DownloadItem
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC]
... all your other domains here in the same format as the line above ...
RewriteCond %{HTTP_REFERER} !^$
RewriteRule . /main.php? [F,L]

I tested this out on my server and it worked properly.

Login or register to post comments

valiant

Joined: 2003-01-04
Posts: 32324

Posted: Wed, 2006-09-20 20:28

No need to hack the .htaccess file.

There's a web-interface to specify a white list / allowed referrers in G2!

go to:
"site admin" -> "URL rewrite" -> "setup" tab
and enter there your " Approved referers" aka your domains.

Login or register to post comments

Ralf-Schlieper

Joined: 2005-09-25
Posts: 16

Posted: Thu, 2006-09-21 03:14

valiant wrote:

No need to hack the .htaccess file.

There's a web-interface to specify a white list / allowed referrers in G2!

go to:
"site admin" -> "URL rewrite" -> "setup" tab
and enter there your " Approved referers" aka your domains.

Great - thanks al lot to valiant and bharat:

Here is now my AUTOMATICALLY modificates .htaccess:

-------------
ErrorDocument 300 /
ErrorDocument 404 /
# BEGIN Url Rewrite section
# (Automatically generated. Do not edit this section)
<IfModule mod_rewrite.c>
RewriteEngine On

RewriteBase /

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d [OR]
RewriteCond %{REQUEST_FILENAME} gallery\_remote2\.php
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . - [L]

RewriteCond %{QUERY_STRING} view=core.DownloadItem
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.eu/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.at/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.com/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.info/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.net/ [NC]
RewriteCond %{HTTP_REFERER} !://www.photogemeinschaft.de/ [NC]
RewriteCond %{HTTP_REFERER} !://www.world-family.de/ [NC]
RewriteCond %{HTTP_REFERER} !://www.world-family.info/ [NC]
RewriteCond %{HTTP_REFERER} !://www.with-open-eyes.de/ [NC]
RewriteCond %{HTTP_REFERER} !://www.with-open-eyes.info/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotocommunity.de/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule . /main.php? [F,L]

RewriteCond %{THE_REQUEST} \ /sitemap(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=sitemap.Sitemap [QSA,L]

RewriteCond %{THE_REQUEST} \ /c/view/([0-9]+).html(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=comment.ShowAllComments&g2_itemId=%1 [QSA,L]

RewriteCond %{THE_REQUEST} \ /c/add/([0-9]+).html(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=comment.AddComment&g2_itemId=%1 [QSA,L]

RewriteCond %{THE_REQUEST} \ /d/([0-9]+)-([0-9]+)/([^\/\?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=core.DownloadItem&g2_itemId=%1&g2_serialNumber=%2&g2_fileName=%3 [QSA,L]

RewriteCond %{THE_REQUEST} \ /v/([^?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=core.ShowItem&g2_path=%1 [QSA,L]

RewriteCond %{THE_REQUEST} \ /([^?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=rewrite.FileNotFound [QSA,L]

</IfModule>

# END Url Rewrite section

-------------

())

And picture-/traffic-thieves now have a lot of 'broken links' (;-)

Ralf

Please visit my gallery if you are interested in good B/W-photos:
http://www.fotogemeinschaft.de

Login or register to post comments

Ralf-Schlieper Joined: 2005-09-25 Posts: 16	Posted: Wed, 2006-09-20 06:47
	How can I block external Links on my Gallery-photos like this one: http://3puma.de.tl/WASSER.htm -> he copies this link: http://www.fotogemeinschaft.de/d/40188-1/Wasser-14.jpg Is it possible (and does it help) to change the .htaccess like this (NEW: Last 6 lines with: 'HTTP_REFERER'...: -------------- ErrorDocument 300 / ErrorDocument 404 / # BEGIN Url Rewrite section # (Automatically generated. Do not edit this section) <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d [OR] RewriteCond %{REQUEST_FILENAME} gallery\_remote2\.php RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . - [L] RewriteCond %{THE_REQUEST} \ /sitemap(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=sitemap.Sitemap [QSA,L] RewriteCond %{THE_REQUEST} \ /d/([0-9]+)-([0-9]+)/([^\/\?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=core.DownloadItem&g2_itemId=%1&g2_serialNumber=%2&g2_fileName=%3 [QSA,L] RewriteCond %{THE_REQUEST} \ /v/([^?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=core.ShowItem&g2_path=%1 [QSA,L] RewriteCond %{THE_REQUEST} \ /([^?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=rewrite.FileNotFound [QSA,L] # NEW NEW NEW - Lines against traffic-thieves...: RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://fotogemeinschaft.de.$ [NC] RewriteCond %{HTTP_REFERER} !^http://photogemeinschaft.de.$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.fotogemeinschaft.de.$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.photogemeinschaft.de.$ [NC] RewriteRule /* http://www.fotogemeinschaft.de/image/logo.gif [R,L] </IfModule> # END Url Rewrite section -------------- Gallery-Version = 2.1.0- Kern 1.0.20 PHP-Version = 4.4.4 cgi Webserver = Apache/1.3.37 (Unix) Datenbank = mysql 4.0.25-standard Werkzeuge = Gd, NetPBM, Exif, Thumbnail, ArchiveUpload Betriebssystem = Linux infong 2.4 #1 SMP Thu Jan 13 08:59:31 CET 2005 i686 unknown Browser = Mozilla/5.0 (Windows; U; Windows NT 5.1; de-AT; rv:1.8.0.7) Gecko/20060910 SeaMonkey/1.0.5 Thanks Ralf Please visit my gallery if you are interested in good B/W-photos: http://www.fotogemeinschaft.de
	Login or register to post comments XUser login Username: * Password: * Create new account Request new password
bharat Joined: 2002-05-21 Posts: 5649	Posted: Wed, 2006-09-20 09:52
	You're modifying lines inside a block marked: # BEGIN Url Rewrite section # (Automatically generated. Do not edit this section) -- this is not a good idea! For safety, put any changes you make outside of that block else Gallery may choke on or delete your changes. To block hotlinkers, try Site Admin -> URL Rewrite and then click the checkbox next to "Block hotlinked items". That should update your .htaccess file with the right rules.
	Login or register to post comments
Ralf-Schlieper Joined: 2005-09-25 Posts: 16	Posted: Wed, 2006-09-20 10:34
	bharat wrote: You're modifying lines inside a block marked: # BEGIN Url Rewrite section # (Automatically generated. Do not edit this section) -- this is not a good idea! For safety, put any changes you make outside of that block else Gallery may choke on or delete your changes. To block hotlinkers, try Site Admin -> URL Rewrite and then click the checkbox next to "Block hotlinked items". That should update your .htaccess file with the right rules. ++++++++++++++ Thanks a lot bharat. This is the solution for the thieves (;-) But after this modification my other 10 Domains don't show any photos, when I DON't configure them as pure redirected URLS I have 11 domains, which should be allowed to show the photos also as SEPARATE websites (up to now I have configured ALL domais as redirections to www.fotogemeinschaft.de) http://www.fotogemeinschaft.de http://www.fotogemeinschaft.eu http://www.fotogemeinschaft.at http://www.fotogemeinschaft.com http://www.fotogemeinschaft.info http://www.fotogemeinschaft.net http://www.photogemeinschaft.de http://www.world-family.de http://www.world-family.info http://www.with-open-eyes.de http://www.with-open-eyes.info But in the new (automatically added) rewrite rule there is only ONE domain 'www.fotogemeinschaft.de': ---------------- RewriteCond %{QUERY_STRING} view=core.DownloadItem RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule . /main.php? [F,L] ------------------- Ralf Please visit my gallery if you are interested in good B/W-photos: http://www.fotogemeinschaft.de
	Login or register to post comments
bharat Joined: 2002-05-21 Posts: 5649	Posted: Wed, 2006-09-20 18:26
	Hm, yes I see what you mean. G2 doesn't know about all the various domains that you're using to access your photos. Ok, here's what you can do. Turn off that rule in Site Admin -> URL Rewrite. Then edit your .htaccess file and above the gallery "don't modify this" block, add these lines: RewriteCond %{QUERY_STRING} view=core.DownloadItem RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC] ... all your other domains here in the same format as the line above ... RewriteCond %{HTTP_REFERER} !^$ RewriteRule . /main.php? [F,L] I tested this out on my server and it worked properly.
	Login or register to post comments
valiant Joined: 2003-01-04 Posts: 32324	Posted: Wed, 2006-09-20 20:28
	No need to hack the .htaccess file. There's a web-interface to specify a white list / allowed referrers in G2! go to: "site admin" -> "URL rewrite" -> "setup" tab and enter there your " Approved referers" aka your domains.
	Login or register to post comments
Ralf-Schlieper Joined: 2005-09-25 Posts: 16	Posted: Thu, 2006-09-21 03:14
	valiant wrote: No need to hack the .htaccess file. There's a web-interface to specify a white list / allowed referrers in G2! go to: "site admin" -> "URL rewrite" -> "setup" tab and enter there your " Approved referers" aka your domains. Great - thanks al lot to valiant and bharat: Here is now my AUTOMATICALLY modificates .htaccess: ------------- ErrorDocument 300 / ErrorDocument 404 / # BEGIN Url Rewrite section # (Automatically generated. Do not edit this section) <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d [OR] RewriteCond %{REQUEST_FILENAME} gallery\_remote2\.php RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . - [L] RewriteCond %{QUERY_STRING} view=core.DownloadItem RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.eu/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.at/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.com/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.info/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.net/ [NC] RewriteCond %{HTTP_REFERER} !://www.photogemeinschaft.de/ [NC] RewriteCond %{HTTP_REFERER} !://www.world-family.de/ [NC] RewriteCond %{HTTP_REFERER} !://www.world-family.info/ [NC] RewriteCond %{HTTP_REFERER} !://www.with-open-eyes.de/ [NC] RewriteCond %{HTTP_REFERER} !://www.with-open-eyes.info/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotocommunity.de/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule . /main.php? [F,L] RewriteCond %{THE_REQUEST} \ /sitemap(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=sitemap.Sitemap [QSA,L] RewriteCond %{THE_REQUEST} \ /c/view/([0-9]+).html(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=comment.ShowAllComments&g2_itemId=%1 [QSA,L] RewriteCond %{THE_REQUEST} \ /c/add/([0-9]+).html(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=comment.AddComment&g2_itemId=%1 [QSA,L] RewriteCond %{THE_REQUEST} \ /d/([0-9]+)-([0-9]+)/([^\/\?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=core.DownloadItem&g2_itemId=%1&g2_serialNumber=%2&g2_fileName=%3 [QSA,L] RewriteCond %{THE_REQUEST} \ /v/([^?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=core.ShowItem&g2_path=%1 [QSA,L] RewriteCond %{THE_REQUEST} \ /([^?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=rewrite.FileNotFound [QSA,L] </IfModule> # END Url Rewrite section ------------- ()) And picture-/traffic-thieves now have a lot of 'broken links' (;-) Ralf Please visit my gallery if you are interested in good B/W-photos: http://www.fotogemeinschaft.de
	Login or register to post comments

Blocking Traffic- and Picture-Thieves

XUser login