Web Hosting Forum | Lunarpages


*
Welcome, Guest. Please login or register.
Did you miss your activation email?


Login with username, password and session length
May 16, 2012, 06:20:01 PM

Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: blocking bandwidth theft with .htaccess  (Read 1368 times)
yasminlebondotnet
Newbie
*
Offline Offline

Posts: 1
« on: April 20, 2010, 10:44:42 AM »
I want to be able to block a certain number of websites from using my website's bandwidth, but not all of them, as a total block can prevent visitors from accessing images via search engines and email.  I using the tutorial on this site (http://www.javascriptkit.com/howto/htaccess14.shtml) to create an .htaccess file and uploaded the file to my root domain.  However, it did not seem to be working - the only alternative at the moment appears to be to block all urls except my own via the HotLink Protection in the cPanel.  Any advice on how to remedy this?

Here is what I entered (the urls are the ones I want to block, not allow):

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} sakhtafzar\.com [NC,OR]
RewriteCond %{HTTP_REFERER} simonlebon.aceboard\.com
RewriteCond %{HTTP_REFERER} duranduransjn.aceboard\.fr
RewriteCond %{HTTP_REFERER} myspace\.com
RewriteCond %{HTTP_REFERER} www.tianya\.cn
RewriteCond %{HTTP_REFERER} blogspot\.com
RewriteCond %{HTTP_REFERER} sozluk.sourtimes\.org
RewriteCond %{HTTP_REFERER} freeforumzone.leonardo\.it
RewriteCond %{HTTP_REFERER} www.goodee\.cn
RewriteCond %{HTTP_REFERER} www.liveinternet\.ru
RewriteCond %{HTTP_REFERER} rinconhispano.proboards\.com
RewriteCond %{HTTP_REFERER} duranduran\.sk
RewriteRule .* - [F]
Logged
MrPhil
Senior Moderator
Berserker Poster
*****
Offline Offline

Posts: 5191
« Reply #1 on: April 20, 2010, 02:17:22 PM »
You need an [OR] on all but the last entry. What you have now checks for (sakhtazar.com OR simonleban.aceboard.com) AND duranduransjn.aceboard.fr AND myspace.com AND...  Needless to say, HTTP_REFERER won't match more than one, so the entire string of RewriteConds is always FALSE.

The [NC] flag would go on all entries. Don't forget to escape all periods (\.) not just the last one in each entry. What you have for the RewriteRule should Fail any access from these sites. Have you looked at blocking by IP address instead? That might work, too, but I won't swear to it. And don't forget that HTTP_REFERER is supposedly easy to fake (and proxies could be used instead).
Logged
Visit My Site

E-mail Me
 
-= From the ashes shall rise a sooty tern =-
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to: