时间戳

首页 > 解决方案 > How to allow access to files for all sites while maintaining htaccess redirection

.htaccess - How to allow access to files for all sites while maintaining htaccess redirection

问题描述

I wanted to keep the redirect rule. but I don't want to have to add site by site so that they can display the image. how can i change this rule so that it can do this trick? thanks in advance. Any help is welcome :)

actual htaccess

<Files ~ "\.(jpg|jpeg|png|gif)$">
    Order allow,deny
    allow from all
    </Files>
    RewriteEngine on 
    RewriteCond %{QUERY_STRING} (?:^|&)fbclid=
    RewriteRule ^ / [L,R=permanent]
    RewriteCond %{HTTP_REFERER} !^https://mysite,com [NC] 
    
    RewriteCond %{HTTP_REFERER} !^https://www.facebook,com/.*$ [NC] 
    RewriteCond %{HTTP_REFERER} !^https://www.facebook,com/ [NC] 
    RewriteCond %{HTTP_REFERER} !^https://externalsite,com/ [NC] 
    RewriteCond %{HTTP_REFERER} !^http://externalsite2,com/ [NC] 
    RewriteCond %{HTTP_REFERER} !^https://mysite,com.*$ [NC] 
     
    
    RewriteRule \.(jpg|jpeg|png|gif)$ https://mysite,com [NC,R,L]
    
    
    
    
    <IfModule mod_php4.c>
      php_value engine off
    </IfModule>
    <IfModule mod_php5.c>
      php_value engine off
    </IfModule>
    
    <Files ~ "\.((php[0-9]?)|p?html?|pl|sh|java|cpp|c|h|js|rc)$">
    Order allow,deny
    Deny from all
    </Files>

标签: .htaccessredirect

解决方案

  RewriteCond %{HTTP_REFERER} !^https://mysite,com [NC] 
    
    RewriteCond %{HTTP_REFERER} !^https://www.facebook,com/.*$ [NC] 
    RewriteCond %{HTTP_REFERER} !^https://www.facebook,com/ [NC] 
    RewriteCond %{HTTP_REFERER} !^https://externalsite,com/ [NC] 
    RewriteCond %{HTTP_REFERER} !^http://externalsite2,com/ [NC] 
    RewriteCond %{HTTP_REFERER} !^https://mysite,com.*$ [NC] 
     
    
    RewriteRule \.(jpg|jpeg|png|gif)$ https://mysite,com [NC,R,L]

I wanted to give full access to other sites to incorporate my content ... redirecting if you access the file directly at example.com/uploads/test.gif

If you simply want to block direct access (in which case the Referer header is empty) and allow all other sites to link to your images (basically the opposite of "hotlink protection") then you can replace the above rule (that redirects such requests to the root) with the following:

RewriteCond %{HTTP_REFERER} ^$
RewriteRule \.(jpg|jpeg|png|gif)$ https://example.com/ [NC,R,L]

This redirects all direct requests to the root / home page.

(You had erroneous commas , in your original directives that would have prevented this from working?!)

HOWEVER, basing this redirect on the HTTP Referer is unreliable - you will get false positives. The Referer is sent by the browser - so the user can control (and suppress) what is sent. The website that is linking to you can also set a referrer-policy that suppresses the HTTP Referer being sent - so all requests from some sites might look like direct requests anyway and end up being blocked. There is no way around this.

推荐阅读