Blocking Traffic- and Picture-Thieves

Ralf-Schlieper

Joined: 2005-09-25
Posts: 38

Posted: Wed, 2006-09-20 06:47

How can I block external Links on my Gallery-photos like this one:

http://3puma.de.tl/WASSER.htm
-> he copies this link:
http://www.fotogemeinschaft.de/d/40188-1/Wasser-14.jpg

Is it possible (and does it help) to change the .htaccess like this (NEW: Last 6 lines with: 'HTTP_REFERER'...:

--------------
ErrorDocument 300 /
ErrorDocument 404 /
# BEGIN Url Rewrite section
# (Automatically generated. Do not edit this section)
<IfModule mod_rewrite.c>
RewriteEngine On

RewriteBase /

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d [OR]
RewriteCond %{REQUEST_FILENAME} gallery\_remote2\.php
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . - [L]

RewriteCond %{THE_REQUEST} \ /sitemap(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=sitemap.Sitemap [QSA,L]

RewriteCond %{THE_REQUEST} \ /d/([0-9]+)-([0-9]+)/([^\/\?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=core.DownloadItem&g2_itemId=%1&g2_serialNumber=%2&g2_fileName=%3 [QSA,L]

RewriteCond %{THE_REQUEST} \ /v/([^?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=core.ShowItem&g2_path=%1 [QSA,L]

RewriteCond %{THE_REQUEST} \ /([^?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=rewrite.FileNotFound [QSA,L]

# NEW NEW NEW - Lines against traffic-thieves...:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://fotogemeinschaft.de.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://photogemeinschaft.de.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.fotogemeinschaft.de.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.photogemeinschaft.de.*$ [NC]
RewriteRule /* http://www.fotogemeinschaft.de/image/logo.gif [R,L]

</IfModule>

# END Url Rewrite section
--------------

Gallery-Version = 2.1.0- Kern 1.0.20
PHP-Version = 4.4.4 cgi
Webserver = Apache/1.3.37 (Unix)
Datenbank = mysql 4.0.25-standard
Werkzeuge = Gd, NetPBM, Exif, Thumbnail, ArchiveUpload
Betriebssystem = Linux infong 2.4 #1 SMP Thu Jan 13 08:59:31 CET 2005 i686 unknown
Browser = Mozilla/5.0 (Windows; U; Windows NT 5.1; de-AT; rv:1.8.0.7) Gecko/20060910 SeaMonkey/1.0.5

Thanks
Ralf

Please visit my gallery if you are interested in good B/W-photos:
http://www.fotogemeinschaft.de

bharat

Joined: 2002-05-21
Posts: 7934

Posted: Wed, 2006-09-20 09:52

You're modifying lines inside a block marked:

# BEGIN Url Rewrite section
# (Automatically generated. Do not edit this section)

-- this is not a good idea! For safety, put any changes you make outside of that block else Gallery may choke on or delete your changes.

To block hotlinkers, try Site Admin -> URL Rewrite and then click the checkbox next to "Block hotlinked items". That should update your .htaccess file with the right rules.

Ralf-Schlieper

Joined: 2005-09-25
Posts: 38

Posted: Wed, 2006-09-20 10:34

bharat wrote:

You're modifying lines inside a block marked:
# BEGIN Url Rewrite section
# (Automatically generated. Do not edit this section)
-- this is not a good idea! For safety, put any changes you make outside of that block else Gallery may choke on or delete your changes.

To block hotlinkers, try Site Admin -> URL Rewrite and then click the checkbox next to "Block hotlinked items". That should update your .htaccess file with the right rules.

++++++++++++++

Thanks a lot bharat.

This is the solution for the thieves (;-)

But after this modification my other 10 Domains don't show any photos, when I DON't configure them as pure redirected URLS

I have 11 domains, which should be allowed to show the photos also as SEPARATE websites (up to now I have configured ALL domais as redirections to www.fotogemeinschaft.de)

http://www.fotogemeinschaft.de
http://www.fotogemeinschaft.eu
http://www.fotogemeinschaft.at
http://www.fotogemeinschaft.com
http://www.fotogemeinschaft.info
http://www.fotogemeinschaft.net
http://www.photogemeinschaft.de
http://www.world-family.de
http://www.world-family.info
http://www.with-open-eyes.de
http://www.with-open-eyes.info

But in the new (automatically added) rewrite rule there is only ONE domain 'www.fotogemeinschaft.de':

----------------
RewriteCond %{QUERY_STRING} view=core.DownloadItem
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule . /main.php? [F,L]
-------------------

Ralf

Please visit my gallery if you are interested in good B/W-photos:
http://www.fotogemeinschaft.de

bharat

Joined: 2002-05-21
Posts: 7934

Posted: Wed, 2006-09-20 18:26

Hm, yes I see what you mean. G2 doesn't know about all the various domains that you're using to access your photos. Ok, here's what you can do. Turn off that rule in Site Admin -> URL Rewrite. Then edit your .htaccess file and *above* the gallery "don't modify this" block, add these lines:

RewriteCond %{QUERY_STRING} view=core.DownloadItem
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC]
... all your other domains here in the same format as the line above ...
RewriteCond %{HTTP_REFERER} !^$
RewriteRule . /main.php? [F,L]

I tested this out on my server and it worked properly.

valiant

Joined: 2003-01-04
Posts: 32509

Posted: Wed, 2006-09-20 20:28

No need to hack the .htaccess file.

There's a web-interface to specify a white list / allowed referrers in G2!

go to:
"site admin" -> "URL rewrite" -> "setup" tab
and enter there your " Approved referers" aka your domains.

Ralf-Schlieper

Joined: 2005-09-25
Posts: 38

Posted: Thu, 2006-09-21 03:14

valiant wrote:

No need to hack the .htaccess file.

There's a web-interface to specify a white list / allowed referrers in G2!

go to:
"site admin" -> "URL rewrite" -> "setup" tab
and enter there your " Approved referers" aka your domains.

Great - thanks al lot to valiant and bharat:

Here is now my AUTOMATICALLY modificates .htaccess:

-------------
ErrorDocument 300 /
ErrorDocument 404 /
# BEGIN Url Rewrite section
# (Automatically generated. Do not edit this section)
<IfModule mod_rewrite.c>
RewriteEngine On

RewriteBase /

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d [OR]
RewriteCond %{REQUEST_FILENAME} gallery\_remote2\.php
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . - [L]

RewriteCond %{QUERY_STRING} view=core.DownloadItem
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.eu/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.at/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.com/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.info/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.net/ [NC]
RewriteCond %{HTTP_REFERER} !://www.photogemeinschaft.de/ [NC]
RewriteCond %{HTTP_REFERER} !://www.world-family.de/ [NC]
RewriteCond %{HTTP_REFERER} !://www.world-family.info/ [NC]
RewriteCond %{HTTP_REFERER} !://www.with-open-eyes.de/ [NC]
RewriteCond %{HTTP_REFERER} !://www.with-open-eyes.info/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotocommunity.de/ [NC]
RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule . /main.php? [F,L]

RewriteCond %{THE_REQUEST} \ /sitemap(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=sitemap.Sitemap [QSA,L]

RewriteCond %{THE_REQUEST} \ /c/view/([0-9]+).html(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=comment.ShowAllComments&g2_itemId=%1 [QSA,L]

RewriteCond %{THE_REQUEST} \ /c/add/([0-9]+).html(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=comment.AddComment&g2_itemId=%1 [QSA,L]

RewriteCond %{THE_REQUEST} \ /d/([0-9]+)-([0-9]+)/([^\/\?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=core.DownloadItem&g2_itemId=%1&g2_serialNumber=%2&g2_fileName=%3 [QSA,L]

RewriteCond %{THE_REQUEST} \ /v/([^?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=core.ShowItem&g2_path=%1 [QSA,L]

RewriteCond %{THE_REQUEST} \ /([^?]+)(\?.|\ .)
RewriteCond %{REQUEST_FILENAME} !/main\.php$
RewriteRule . /main.php?g2_view=rewrite.FileNotFound [QSA,L]

</IfModule>

# END Url Rewrite section

-------------

())

And picture-/traffic-thieves now have a lot of 'broken links' (;-)

Ralf

Please visit my gallery if you are interested in good B/W-photos:
http://www.fotogemeinschaft.de

Ralf-Schlieper Joined: 2005-09-25 Posts: 38	Posted: Wed, 2006-09-20 06:47
	How can I block external Links on my Gallery-photos like this one: http://3puma.de.tl/WASSER.htm -> he copies this link: http://www.fotogemeinschaft.de/d/40188-1/Wasser-14.jpg Is it possible (and does it help) to change the .htaccess like this (NEW: Last 6 lines with: 'HTTP_REFERER'...: -------------- ErrorDocument 300 / ErrorDocument 404 / # BEGIN Url Rewrite section # (Automatically generated. Do not edit this section) <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d [OR] RewriteCond %{REQUEST_FILENAME} gallery\_remote2\.php RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . - [L] RewriteCond %{THE_REQUEST} \ /sitemap(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=sitemap.Sitemap [QSA,L] RewriteCond %{THE_REQUEST} \ /d/([0-9]+)-([0-9]+)/([^\/\?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=core.DownloadItem&g2_itemId=%1&g2_serialNumber=%2&g2_fileName=%3 [QSA,L] RewriteCond %{THE_REQUEST} \ /v/([^?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=core.ShowItem&g2_path=%1 [QSA,L] RewriteCond %{THE_REQUEST} \ /([^?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=rewrite.FileNotFound [QSA,L] # NEW NEW NEW - Lines against traffic-thieves...: RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://fotogemeinschaft.de.$ [NC] RewriteCond %{HTTP_REFERER} !^http://photogemeinschaft.de.$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.fotogemeinschaft.de.$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.photogemeinschaft.de.$ [NC] RewriteRule /* http://www.fotogemeinschaft.de/image/logo.gif [R,L] </IfModule> # END Url Rewrite section -------------- Gallery-Version = 2.1.0- Kern 1.0.20 PHP-Version = 4.4.4 cgi Webserver = Apache/1.3.37 (Unix) Datenbank = mysql 4.0.25-standard Werkzeuge = Gd, NetPBM, Exif, Thumbnail, ArchiveUpload Betriebssystem = Linux infong 2.4 #1 SMP Thu Jan 13 08:59:31 CET 2005 i686 unknown Browser = Mozilla/5.0 (Windows; U; Windows NT 5.1; de-AT; rv:1.8.0.7) Gecko/20060910 SeaMonkey/1.0.5 Thanks Ralf Please visit my gallery if you are interested in good B/W-photos: http://www.fotogemeinschaft.de
	XUser login Username: * Password: * Create new account Request new password
bharat Joined: 2002-05-21 Posts: 7934	Posted: Wed, 2006-09-20 09:52
	You're modifying lines inside a block marked: # BEGIN Url Rewrite section # (Automatically generated. Do not edit this section) -- this is not a good idea! For safety, put any changes you make outside of that block else Gallery may choke on or delete your changes. To block hotlinkers, try Site Admin -> URL Rewrite and then click the checkbox next to "Block hotlinked items". That should update your .htaccess file with the right rules.

Ralf-Schlieper Joined: 2005-09-25 Posts: 38	Posted: Wed, 2006-09-20 10:34
	bharat wrote: You're modifying lines inside a block marked: # BEGIN Url Rewrite section # (Automatically generated. Do not edit this section) -- this is not a good idea! For safety, put any changes you make outside of that block else Gallery may choke on or delete your changes. To block hotlinkers, try Site Admin -> URL Rewrite and then click the checkbox next to "Block hotlinked items". That should update your .htaccess file with the right rules. ++++++++++++++ Thanks a lot bharat. This is the solution for the thieves (;-) But after this modification my other 10 Domains don't show any photos, when I DON't configure them as pure redirected URLS I have 11 domains, which should be allowed to show the photos also as SEPARATE websites (up to now I have configured ALL domais as redirections to www.fotogemeinschaft.de) http://www.fotogemeinschaft.de http://www.fotogemeinschaft.eu http://www.fotogemeinschaft.at http://www.fotogemeinschaft.com http://www.fotogemeinschaft.info http://www.fotogemeinschaft.net http://www.photogemeinschaft.de http://www.world-family.de http://www.world-family.info http://www.with-open-eyes.de http://www.with-open-eyes.info But in the new (automatically added) rewrite rule there is only ONE domain 'www.fotogemeinschaft.de': ---------------- RewriteCond %{QUERY_STRING} view=core.DownloadItem RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule . /main.php? [F,L] ------------------- Ralf Please visit my gallery if you are interested in good B/W-photos: http://www.fotogemeinschaft.de

bharat Joined: 2002-05-21 Posts: 7934	Posted: Wed, 2006-09-20 18:26
	Hm, yes I see what you mean. G2 doesn't know about all the various domains that you're using to access your photos. Ok, here's what you can do. Turn off that rule in Site Admin -> URL Rewrite. Then edit your .htaccess file and above the gallery "don't modify this" block, add these lines: RewriteCond %{QUERY_STRING} view=core.DownloadItem RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC] ... all your other domains here in the same format as the line above ... RewriteCond %{HTTP_REFERER} !^$ RewriteRule . /main.php? [F,L] I tested this out on my server and it worked properly.

valiant Joined: 2003-01-04 Posts: 32509	Posted: Wed, 2006-09-20 20:28
	No need to hack the .htaccess file. There's a web-interface to specify a white list / allowed referrers in G2! go to: "site admin" -> "URL rewrite" -> "setup" tab and enter there your " Approved referers" aka your domains.

Ralf-Schlieper Joined: 2005-09-25 Posts: 38	Posted: Thu, 2006-09-21 03:14
	valiant wrote: No need to hack the .htaccess file. There's a web-interface to specify a white list / allowed referrers in G2! go to: "site admin" -> "URL rewrite" -> "setup" tab and enter there your " Approved referers" aka your domains. Great - thanks al lot to valiant and bharat: Here is now my AUTOMATICALLY modificates .htaccess: ------------- ErrorDocument 300 / ErrorDocument 404 / # BEGIN Url Rewrite section # (Automatically generated. Do not edit this section) <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d [OR] RewriteCond %{REQUEST_FILENAME} gallery\_remote2\.php RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . - [L] RewriteCond %{QUERY_STRING} view=core.DownloadItem RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.eu/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.at/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.com/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.info/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.net/ [NC] RewriteCond %{HTTP_REFERER} !://www.photogemeinschaft.de/ [NC] RewriteCond %{HTTP_REFERER} !://www.world-family.de/ [NC] RewriteCond %{HTTP_REFERER} !://www.world-family.info/ [NC] RewriteCond %{HTTP_REFERER} !://www.with-open-eyes.de/ [NC] RewriteCond %{HTTP_REFERER} !://www.with-open-eyes.info/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotocommunity.de/ [NC] RewriteCond %{HTTP_REFERER} !://www.fotogemeinschaft.de/ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule . /main.php? [F,L] RewriteCond %{THE_REQUEST} \ /sitemap(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=sitemap.Sitemap [QSA,L] RewriteCond %{THE_REQUEST} \ /c/view/([0-9]+).html(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=comment.ShowAllComments&g2_itemId=%1 [QSA,L] RewriteCond %{THE_REQUEST} \ /c/add/([0-9]+).html(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=comment.AddComment&g2_itemId=%1 [QSA,L] RewriteCond %{THE_REQUEST} \ /d/([0-9]+)-([0-9]+)/([^\/\?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=core.DownloadItem&g2_itemId=%1&g2_serialNumber=%2&g2_fileName=%3 [QSA,L] RewriteCond %{THE_REQUEST} \ /v/([^?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=core.ShowItem&g2_path=%1 [QSA,L] RewriteCond %{THE_REQUEST} \ /([^?]+)(\?.\|\ .) RewriteCond %{REQUEST_FILENAME} !/main\.php$ RewriteRule . /main.php?g2_view=rewrite.FileNotFound [QSA,L] </IfModule> # END Url Rewrite section ------------- ()) And picture-/traffic-thieves now have a lot of 'broken links' (;-) Ralf Please visit my gallery if you are interested in good B/W-photos: http://www.fotogemeinschaft.de

Blocking Traffic- and Picture-Thieves

XUser login