how to test if hotlink protection works?

[jass]

As the host of my site do not have the hot link protection feature available, they have directed me to a site to create one .htaccess file to enable the hotlinking protection.

http://www.javascriptkit.com/howto/htaccess10.shtml

Q1 : In the codes as appended below, do I need to retain the "?" before mydomain.com/?

Q2: How do I test whether it works or not?

Thank you.


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg|js|css)$ - [F]

[mwinter]

In the codes as appended below, do I need to retain the "?" before mydomain.com/?

That depends on how your site is set up. Some sites can be accessed with a host names like example.com as well as www.example.com. The question mark is a regular expression operator that makes a part optional: it would match a Referer header that began either http://mydomain.com/ or http://www.mydomain.com/. If only one is acceptable, then change the regular expression accordingly.

How do I test whether it works or not?

A simple test would be to write a document that hotlinks an image from another host, if you have one. A more thorough test would involve sending requests that contain both acceptable and unacceptable Referer headers and check the response. You can do that with a telnet session. If you have a browser that implements the XMLHttpRequest object, you can use that, too.

RewriteRule \.(gif|jpg|js|css)$ - [F]

Is that list complete? No PNG images or JPEGs that have a .jpeg extension?

Mike

[ItsMeOnly]

Just be advised that if you open images using javascript, this condition will block IE users from opening them- neither Explorer sends "Refering-URI" header with window.open or location.href.

[jass]

Thanks to both. Greatly appreciate.