Re: OT: anyone know how to prevent image hijacking with Apache?

This WebDNA talk-list message is from 2002.


It keeps the original formatting.
numero = 44885
interpreted = N
Associated Messages, from the most recent to the oldest:

    
  1. Re: OT: anyone know how to prevent image hijacking with Apache? (Glenn Busbin 2002)
  2. Re: OT: anyone know how to prevent image hijacking with Apache? (WJ Starck 2002)
  3. Re: OT: anyone know how to prevent image hijacking with Apache? (WJ Starck 2002)
  4. Re: OT: anyone know how to prevent image hijacking with Apache? (Kalin Mintchev 2002)
  5. OT: anyone know how to prevent image hijacking with Apache? (dale's stuff 2002)
And here's a bit more on the subject, looks even more promising:

From http://www.w3.org/Security/Faq/wwwsf2.html

If, on the other hand, the concern is that unscrupulous sites are linking to your CGI scripts and images without authorization, essentially freeloading on your site, then you may be able to prevent this by using the Referer field to restrict access. This requires you to have a Web server that can filter requests based on arbitrary HTTP request fields. You will want to allow requests by older clients that have no Referer field defined, and those whose Referer field points back to one of your site's pages. Clients whose Referer field is from an unrelated site are refused access. This will prevent remote sites from using your site as the target of their and tags.

The Apache Web server, when equipped with the optional mod_rewrite module, can accomplish this with the following series of directives:

    # Refuse images when a Referer field exists and is not my site
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://my\.site\.com/ [NC]
    RewriteRule [^/]+\.(gif|jpg)$ - [F]
    # Same test for CGIs (RewriteCond lines bind only to the next RewriteRule)
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://my\.site\.com/ [NC]
    RewriteRule ^/cgi-bin/.+$ - [F]

Cheers,

-Will

On Tuesday, November 5, 2002, at 09:40 PM, WJ Starck wrote:

> Dale-
>
> Have a look at this page:
>
> http://httpd.apache.org/docs/misc/rewriteguide.html
>
> Looks like you may be able to use the mod_rewrite module to
> accomplish this...
>
> HTH,
>
> -Will Starck
> NovaDerm Skincare Science
> http://www.novaderm.com
> wjs@novaderm.com
>
> On Tuesday, November 5, 2002, at 09:13 PM, dale's stuff wrote:
>
>> Hi all,
>>
>> Processing my log files tonight I see a certain group of websites are
>> hijacking a bunch of my images and direct linking to them from my
>> server which of course also costs me bandwidth.
>>
>> any ideas on how to, from within apache itself, to serve up an
>> alternate file for these requests? And boy do I have a particular
>> type file in mind :)
>>
>> The only down-side is that I currently have about 50 domains of my
>> own that all point to this one site, so requests from those domains
>> are of course valid.
>>
>> Thanks
>>
>> Dale
>>
>> -------------------------------------------------------------
>> This message is sent to you because you are subscribed to
>> the mailing list .
>> To unsubscribe, E-mail to:
>> To switch to the DIGEST mode, E-mail to
>>
>> Web Archive of this list is at: http://search.smithmicro.com/

WJ Starck
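Added example, not part of the original thread or the W3C FAQ: the first post spots the hotlinking in the access logs, and this Python script applies the same Referer policy to "combined"-format log lines to total image bytes per foreign site, with an allowlist that can hold many own domains. The domain names and log lines are constructed placeholders, and accepting subdomains of an allowed domain is an assumption.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Hypothetical stand-ins for the site's own domains (the poster has about 50).
OWN_DOMAINS = {"my.site.com", "my-other-site.test"}

# Fields of Apache's "combined" log format that matter here.
LOG_RE = re.compile(r'"(?:GET|HEAD) (?P<path>\S+) [^"]*" \d{3} '
                    r'(?P<size>\d+|-) "(?P<referer>[^"]*)"')
IMAGE_RE = re.compile(r"\.(?:gif|jpg)$", re.IGNORECASE)


def referer_host(referer):
    """Lower-cased host of a Referer value; '' if absent or unparsable."""
    try:
        return (urlsplit(referer).hostname or "").lower()
    except ValueError:
        return ""


def is_foreign(referer, own=OWN_DOMAINS):
    """True when a Referer host is present and is not one of our domains."""
    host = referer_host(referer)
    # Exact host or subdomain match (subdomains are an assumption), so a
    # look-alike such as my.site.com.freeloader.test does not pass.
    return bool(host) and not any(host == d or host.endswith("." + d) for d in own)


def hotlink_report(lines, own=OWN_DOMAINS):
    """Image bytes served, totalled per foreign Referer host."""
    totals = Counter()
    for line in lines:
        m = LOG_RE.search(line)
        if m and IMAGE_RE.search(m["path"].split("?", 1)[0]) and is_foreign(m["referer"], own):
            totals[referer_host(m["referer"])] += 0 if m["size"] == "-" else int(m["size"])
    return totals


# Constructed sample log lines (not taken from the thread).
SAMPLE = [
    '192.0.2.1 - - [05/Nov/2002:21:00:00 -0500] "GET /img/a.gif HTTP/1.0" 200 5120 "http://my.site.com/page.html" "UA"',
    '192.0.2.2 - - [05/Nov/2002:21:00:01 -0500] "GET /img/a.gif HTTP/1.0" 200 5120 "http://freeloader.test/forum" "UA"',
    '192.0.2.3 - - [05/Nov/2002:21:00:02 -0500] "GET /img/b.jpg HTTP/1.0" 200 2048 "-" "UA"',
    '192.0.2.4 - - [05/Nov/2002:21:00:03 -0500] "GET /img/b.jpg HTTP/1.0" 200 2048 "http://my.site.com.freeloader.test/" "UA"',
    '192.0.2.5 - - [05/Nov/2002:21:00:04 -0500] "GET /index.html HTTP/1.0" 200 900 "http://freeloader.test/" "UA"',
]

if __name__ == "__main__":
    for host, nbytes in hotlink_report(SAMPLE).most_common():
        print(f"{host}\t{nbytes} bytes")
```

The hosts it reports are the ones the Referer conditions would refuse; requests with no Referer are not counted, matching the FAQ's choice to let them through.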
