Post by tsloc » Mon Feb 22, 2021 3:39 am

Hello,

I have found cloned / scraped sites that are using my pictures from my webshop. The first thing I want to do is to add code in my htaccess fils to avoid hotlinking of images. I tried to add some code that I googled but with no success. It ended up with 500 server error so the code was placed in wrong part of my htaccess.

So my question is; where in the htaccess file should the hotlinking code be placed? I would like to see some examples if someone have that.

Many thanks!

New member

Posts

Joined
Thu Feb 09, 2017 7:15 am

Active Member

Posts

Joined
Thu May 28, 2020 6:55 am
Location - Wales

Post by Naheed » Mon Feb 22, 2021 4:41 pm

If you find any way then let me know, please.
I am also looking for it. It will be a great help
as I am also in a similar situation.

User avatar
Active Member

Posts

Joined
Mon Aug 10, 2020 11:19 pm

Post by paulfeakins » Mon Feb 22, 2021 7:48 pm

You may be able to turn this on from cPanel and that should add the code to .htaccess for you.

UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk


User avatar
Guru Member
Online

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - London Gatwick, United Kingdom

Post by tsloc » Tue Feb 23, 2021 2:35 am

Thanks all for your answers.

I will check the above link. I tried to add some hotlink code but after some tests I stopped. I have asked my host. They are not using cPanel, only their own backend system.

New member

Posts

Joined
Thu Feb 09, 2017 7:15 am

Post by mikeinterserv » Tue Feb 23, 2021 3:05 am

Try this

Code: Select all

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain\.com/.*$ [NC]
RewriteRule \.(gif|jpg|png)$ /feed/ [R=302,L]
replace yourdomain - with your website domain name

This version will allow search engines specified

Code: Select all

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.com [NC]
RewriteRule \.(jpg|png|gif|)$ - [NC,R,L]
And this

Code: Select all

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomainname.com/.*$ [NC]
RewriteRule \.(gif|jpg|png)$ - [F]
At leat 1 of these should work for you

Active Member

Posts

Joined
Thu May 28, 2020 6:55 am
Location - Wales

Post by tsloc » Wed Feb 24, 2021 2:42 am

Many thanks mikeinterserv for the reply. I will look into this together with my host.

New member

Posts

Joined
Thu Feb 09, 2017 7:15 am

Post by mikeinterserv » Wed Feb 24, 2021 2:53 am

Post your entire htaccess file here so we can see it, maybe can give you more advice if your host does not manage to help you

Active Member

Posts

Joined
Thu May 28, 2020 6:55 am
Location - Wales

Post by tsloc » Thu Mar 18, 2021 3:37 am

Dear all,

Time to wake up this post again after a while... My htaccess-file looks as below. Note that I just hided two ip addresses in this post that I tried to block for a while ago. Not sure if that worked.

Any tips regarding first of all block of hotlinking for pictures I will be happy to have. Also tips for avoid scraping if possible. The other answer above in a previous post wrote some interesting code snippets but I have lack of knowledge where to add them correctly.

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------

#code added 210131
# Apache 2.4+
<RequireAll>
Require all granted
Require not ip XXX
Require not ip XXX
</RequireAll>

Options +FollowSymlinks

# Prevent Directoy listing
Options -Indexes

# Prevent Direct Access to files
<FilesMatch "(?i)((\.tpl|.twig|\.ini|\.log|(?<!robots)\.txt))">
Require all denied
## For apache 2.2 and older, replace "Require all denied" with these two lines :
# Order deny,allow
# Deny from all
</FilesMatch>

# SEO URL Settings
RewriteEngine On

RewriteBase /
RewriteRule ^sitemap.xml$ index.php?route=extension/feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=extension/feed/google_base [L]
RewriteRule ^system/storage/(.*) index.php?route=error/not_found [L]
RewriteCond %{QUERY_STRING} ^tag=(.+)$ [NC]
RewriteRule ^product/search$ /tagg/%1 [R=302,QSD,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]

<IfModule mod_mime.c>
AddType font/opentype .otf
AddType application/font-woff .woff
AddType application/font-woff2 .woff2
AddType application/x-font-ttf .ttf
AddType application/vnd.ms-fontobject .eot
AddType image/svg+xml .svg

</IfModule>

<IfModule mod_expires.c>

# Compress compressible fonts
# only uncomment if you dont have compression turned on already. Otherwise it will cause all other filestypes not to get compressed
# AddOutputFilterByType DEFLATE application/x-font-ttf application/x-font-opentype image/svg+xml

ExpiresActive On
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType image/x-icon "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
ExpiresByType application/x-font-ttf "access plus 1 year"
ExpiresByType application/x-font-opentype "access plus 1 year"
ExpiresByType application/x-font-woff "access plus 1 year"

# Add a far future Expires header for fonts
ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
ExpiresByType application/x-font-ttf "access plus 1 year"
ExpiresByType application/x-font-opentype "access plus 1 year"
ExpiresByType application/x-font-woff "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType application/font-woff2 "access plus 1 year"
ExpiresByType font/woff2 "access plus 1 year"
</IfModule>

# 1. If your cart only allows you to add one item at a time, it is possible register_globals is on. This may work to disable it:
# php_flag register_globals off

# 2. If your cart has magic quotes enabled, This may work to disable it:
# php_flag magic_quotes_gpc Off

# 3. Set max upload file size. Most hosts will limit this and not allow it to be overridden but you can try
# php_value upload_max_filesize 999M

# 4. set max post size. uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value post_max_size 999M

# 5. set max time script can take. uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value max_execution_time 200

# 6. set max time for input to be recieved. Uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value max_input_time 200

# 7. disable open_basedir limitations
# php_admin_value open_basedir none

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------

Many thanks for all help and support my forum friends!

New member

Posts

Joined
Thu Feb 09, 2017 7:15 am

Post by mikeinterserv » Thu Mar 18, 2021 6:59 am

This is your htaccess with hotlink blocking added
You can probably forget scraping.

Code: Select all

#code added 210131
# Apache 2.4+
<RequireAll>
    Require all granted
    Require not ip XXX
    Require not ip XXX
</RequireAll>

Options +FollowSymlinks

# Prevent Directoy listing
Options -Indexes

# Prevent Direct Access to files
<FilesMatch "(?i)((\.tpl|.twig|\.ini|\.log|(?<!robots)\.txt))">
 Require all denied
## For apache 2.2 and older, replace "Require all denied" with these two lines :
# Order deny,allow
# Deny from all
</FilesMatch>

# SEO URL Settings
RewriteEngine On

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.com [NC]
RewriteRule \.(jpg|png|gif|)$ - [NC,R,L]

RewriteBase /
RewriteRule ^sitemap.xml$ index.php?route=extension/feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=extension/feed/google_base [L]
RewriteRule ^system/storage/(.*) index.php?route=error/not_found [L]
RewriteCond %{QUERY_STRING} ^tag=(.+)$ [NC]
RewriteRule ^product/search$ /tagg/%1 [R=302,QSD,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]

<IfModule mod_mime.c>
AddType font/opentype .otf
AddType application/font-woff .woff
AddType application/font-woff2 .woff2
AddType application/x-font-ttf .ttf
AddType application/vnd.ms-fontobject .eot
AddType image/svg+xml .svg

</IfModule>

<IfModule mod_expires.c>

# Compress compressible fonts
# only uncomment if you dont have compression turned on already. Otherwise it will cause all other filestypes not to get compressed
# AddOutputFilterByType DEFLATE application/x-font-ttf application/x-font-opentype image/svg+xml

ExpiresActive On
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType image/x-icon "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
ExpiresByType application/x-font-ttf "access plus 1 year"
ExpiresByType application/x-font-opentype "access plus 1 year"
ExpiresByType application/x-font-woff "access plus 1 year"

# Add a far future Expires header for fonts
ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
ExpiresByType application/x-font-ttf "access plus 1 year"
ExpiresByType application/x-font-opentype "access plus 1 year"
ExpiresByType application/x-font-woff "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType application/font-woff2 "access plus 1 year"
ExpiresByType font/woff2 "access plus 1 year"
</IfModule>

# 1. If your cart only allows you to add one item at a time, it is possible register_globals is on. This may work to disable it:
# php_flag register_globals off

# 2. If your cart has magic quotes enabled, This may work to disable it:
# php_flag magic_quotes_gpc Off

# 3. Set max upload file size. Most hosts will limit this and not allow it to be overridden but you can try
# php_value upload_max_filesize 999M

# 4. set max post size. uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value post_max_size 999M

# 5. set max time script can take. uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value max_execution_time 200

# 6. set max time for input to be recieved. Uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value max_input_time 200

# 7. disable open_basedir limitations
# php_admin_value open_basedir none

Active Member

Posts

Joined
Thu May 28, 2020 6:55 am
Location - Wales
Who is online

Users browsing this forum: No registered users and 14 guests