使用htaccess对多个域动态阻止图像热链接 [英] Dynamically prevent hotlinking images using htaccess for multiple domains
问题描述
有关使用htaccess防止热链接的详细记录.但是,我想在不为每个域添加规则的情况下防止对多个域进行热链接.
Preventing hotlinking using htaccess is well documented. However, I want to prevent hotlinking for multiple domains without adding a rule per domain.
我的想法是将引荐来源网址与主机名匹配,这对我来说似乎是一个很好的解决方案.
My idea is to match the referrer with the hostname, this seems like a good solution to me.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?%{HTTP_HOST}/.*$ [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
</IfModule>
这是防止热链接的正确且安全的解决方案吗?
Is this is a proper and safe solution to prevent hotlinking?
推荐答案
当请求与www.
一起提供时,此方法将无效,但引荐来源网址则无效.这是因为您的规则将有效地尝试匹配以下无效的内容.
This won't work when the request comes with www.
but the referrer doesn't. That's because your rule would effectively try to match the following which wouldn't work.
RewriteCond http://domain.com/index.php !^http://(www\.)?www\.domain\.com/.*$
正确的方法是使用以下内容:
The correct way is to use the following:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} ^https?://(www\.)?([^/]+)/.*$ [NC]
RewriteCond %2#%{HTTP_HOST} !^(.+)#(www\.)?\1$ [NC]
RewriteRule \.(bmp|gif|jpe?g|png|swf)$ - [F,L,NC]
这也处理SSL(https:
). 在此处查看.
This takes care of SSL (https:
) as well. Take a look here to see how it works.
这篇关于使用htaccess对多个域动态阻止图像热链接的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!