Forbid fetch all(thumbnails ,resize and original) image from external(unkonw) webpage.

epopen

Joined: 2009-04-06
Posts: 21

Posted: Sat, 2010-01-23 14:31

Hello, everyone.

Nearly, I seem my website bandwidth increase.
I checked log, Some of unknown webpage fetch resize images directly.
These comsunption server's CPU and bandwidth.

How forbid these unwant link perfect?
Or Gallery nor Apache all OK.
(default block all of directly link, But allow specifical link)
(Now I use mod_security and filter source URL in http header From: field.)
Have Gallery about function or module?

Thanks you very much.

alecmyers

Joined: 2006-08-01
Posts: 4342

Posted: Sat, 2010-01-23 21:30

the urlrewrite module lets you do some stuff for unknown referrers; otherwise you can do this with a direct entry in the .htacess file, in the mod_rewrite rules, without going through Gallery. I don't know the exact entry off hand, but I'm sure the answer is available via google.

epopen

Joined: 2009-04-06
Posts: 21

Posted: Sun, 2010-01-24 07:07

alecmyers wrote:

the urlrewrite module lets you do some stuff for unknown referrers; otherwise you can do this with a direct entry in the .htacess file, in the mod_rewrite rules, without going through Gallery. I don't know the exact entry off hand, but I'm sure the answer is available via google.

Thanks you
I plan use apache module mod_security, Filter URL if have "core.DownloadItem" and referrers is not my server to block access.
(I think all of "core.DownloadItem" is gallery2 image)
And bot(google msn etc) is whitelist.

Is it correct?
Thanks you.

alecmyers

Joined: 2006-08-01
Posts: 4342

Posted: Sun, 2010-01-24 22:40

Quote:

Is it correct?

I don't know anything about mod_security, so I can't say. Hopefully someone who does will be able to answer you here.

epopen

Joined: 2009-04-06
Posts: 21

Posted: Mon, 2010-01-25 06:58

Sorry
mod_security is modules
It can filter anyothing(http header,url,body,response ect)
And do anything(block,deny,ignore,pass,delay pass,log etc) when filter match.
Thanks you.

nivekiam

Joined: 2002-12-10
Posts: 16504

Posted: Mon, 2010-01-25 23:45

The only thing I know about mod_security is that disabling it seems to solve lots of problems....

____________________________________________
Like Gallery? Like the support? Donate now!!! See G2 live here

epopen

Joined: 2009-04-06
Posts: 21

Posted: Tue, 2010-01-26 09:40

nivekiam wrote:

The only thing I know about mod_security is that disabling it seems to solve lots of problems....

Oh, But mod_security work fine...

epopen Joined: 2009-04-06 Posts: 21	Posted: Sat, 2010-01-23 14:31
	Hello, everyone. Nearly, I seem my website bandwidth increase. I checked log, Some of unknown webpage fetch resize images directly. These comsunption server's CPU and bandwidth. How forbid these unwant link perfect? Or Gallery nor Apache all OK. (default block all of directly link, But allow specifical link) (Now I use mod_security and filter source URL in http header From: field.) Have Gallery about function or module? Thanks you very much.
	XUser login Username: * Password: * Create new account Request new password
alecmyers Joined: 2006-08-01 Posts: 4342	Posted: Sat, 2010-01-23 21:30
	the urlrewrite module lets you do some stuff for unknown referrers; otherwise you can do this with a direct entry in the .htacess file, in the mod_rewrite rules, without going through Gallery. I don't know the exact entry off hand, but I'm sure the answer is available via google.

epopen Joined: 2009-04-06 Posts: 21	Posted: Sun, 2010-01-24 07:07
	alecmyers wrote: the urlrewrite module lets you do some stuff for unknown referrers; otherwise you can do this with a direct entry in the .htacess file, in the mod_rewrite rules, without going through Gallery. I don't know the exact entry off hand, but I'm sure the answer is available via google. Thanks you I plan use apache module mod_security, Filter URL if have "core.DownloadItem" and referrers is not my server to block access. (I think all of "core.DownloadItem" is gallery2 image) And bot(google msn etc) is whitelist. Is it correct? Thanks you.

alecmyers Joined: 2006-08-01 Posts: 4342	Posted: Sun, 2010-01-24 22:40
	Quote: Is it correct? I don't know anything about mod_security, so I can't say. Hopefully someone who does will be able to answer you here.

epopen Joined: 2009-04-06 Posts: 21	Posted: Mon, 2010-01-25 06:58
	Sorry mod_security is modules It can filter anyothing(http header,url,body,response ect) And do anything(block,deny,ignore,pass,delay pass,log etc) when filter match. Thanks you.

nivekiam Joined: 2002-12-10 Posts: 16504	Posted: Mon, 2010-01-25 23:45
	The only thing I know about mod_security is that disabling it seems to solve lots of problems.... ____________________________________________ Like Gallery? Like the support? Donate now!!! See G2 live here

epopen Joined: 2009-04-06 Posts: 21	Posted: Tue, 2010-01-26 09:40
	nivekiam wrote: The only thing I know about mod_security is that disabling it seems to solve lots of problems.... Oh, But mod_security work fine...

Forbid fetch all(thumbnails ,resize and original) image from external(unkonw) webpage.

XUser login