Junior Coders
Hotlinking with HTAccess but how to Log Hotlinker?
Hi,
I already have a mechanism to disable Hot-linking in my .HTAccess file, but I wanted to know if anybody knew of a method to log the hot-linker details?
I appreciate that I could trawl through the sever log files, but time is limited.
Thanks for any help,
Mark.
Global Moderator
To confirm:
1. You want to stop hotlinking.
2. You want to log any (failed) attempts at hotlinking.
Is that correct?
I'm not sure if you can write a file using .htaccess, so I don't know how you'd be able to store the information. The easy solution seems to be using mod_rewrite to serve a .php file (or something similar) that logs the attempt.
If the request is valid, serve the image. (default)
If the request is hotlinking, serve a php page instead. (use htaccess like you are now, but using mod_rewrite rather than serving an error denying the file)
Now, on that PHP file you will log the information about the request. You can use a database, text files, or anything else you'd like.
You can get the referring URL, and that will tell you the domain. Or you can get the IP of the visitor and log that, although that information is relatively useless because they're are probably just an innocent visitor on whatever other site is using your files.
Finally, if you want it to behave identically as it does now, you can send an HTTP header that the file is denied or whatever you'd like.
Any serverside language can be used instead of PHP. ASP, CGI, JSP, etc.
Daniel - Freelance Web Design | <?php?> | <html>| español | Deutsch | italiano | português | català | un peu de français | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum
Junior Coders
Hi, and thanks for the quick response...
Originally Posted by djr33
The HTAccess code above is defined in an images directory to protect the images of certain sensitive webpages.Code:## DISABLE HOTLINKING RewriteEngine On RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://([^.]+\.)?domain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !google. [NC] RewriteCond %{HTTP_REFERER} !search?q=cache [NC] RewriteCond %{HTTP_REFERER} !msn. [NC] RewriteCond %{HTTP_REFERER} !yahoo. [NC] RewriteCond %{HTTP_REFERER} !facebook. [NC] RewriteRule .*\.(gif|png|jpeg|jpg)$ ./images/hotlinked.jpg [L] ## DISABLE HOTLINKING end RewriteEngine On RewriteCond %{REQUEST_FILENAME} -f RewriteRule \.(gif|png|jpeg|jpg)$ ./loghotlinks.php [QSA,NC]
Thanks again,
Mark.
Global Moderator
Hi Mark,
Is the top part of the code above your original, working code?
If so, you can remove the rest of what you added and simply change the URL for the image to be served. Rather than "hotlink.jpg" (an image) use "hotlink.php".
There are two things you can do with PHP:
1. You can serve an image indirectly using the PHP script. (You will need to supply file type headers and then use readfile() to send the data to the visitor.)
2. You can refuse the request (give an error such as "not found" using HTTP headers).
3. You can serve the PHP page's output (as html, text). This will break images on all webpages that hotlink, but that shouldn't bother you.
Probably the best will be to use option 1, but that can be a little confusing. If that's what you want to do, first get everything else working then we can help you with the PHP. (Do you have PHP available on your server?)
Daniel - Freelance Web Design | <?php?> | <html>| español | Deutsch | italiano | português | català | un peu de français | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum
Junior Coders
Hello again,
Hope that helps and thanks for your help,Hi Mark,
Is the top part of the code above your original, working code?
Yes, for the past couple of years,
If so, you can remove the rest of what you added and simply change the URL for the image to be served. Rather than "hotlink.jpg" (an image) use "hotlink.php".
OK.
There are two things you can do with PHP:
1. You can serve an image indirectly using the PHP script. (You will need to supply file type headers and then use readfile() to send the data to the visitor.)
2. You can refuse the request (give an error such as "not found" using HTTP headers).
3. You can serve the PHP page's output (as html, text). This will break images on all webpages that hotlink, but that shouldn't bother you.
Probably the best will be to use option 1, but that can be a little confusing.
I agree that Option 1 is the way to go, as it's free publicity for the website with the URL Watermark
If that's what you want to do, first get everything else working then we can help you with the PHP.
(Do you have PHP available on your server?)
I am a 'seasoned' PHP developer and PHP installed on the web-server.
I am also currently using an on-the-fly watermarking PHP script, which stores an MD5 version of the image file with the merged watermark, so it readfiles the image and controls the header, but this doesn't happen currently if the image is hot-linked.
Mark.
Global Moderator
Does that solve everything?
Change the rewrite URL and then that PHP script will be served instead of a hotlinked image. Then all you need to do is work out what you want the PHP script do serve (such as an image), and if you're experienced with PHP that should be possible.
Do you have more questions?
Daniel - Freelance Web Design | <?php?> | <html>| español | Deutsch | italiano | português | català | un peu de français | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum
Junior Coders
Thanks for your help. I used the watermarking code as a working basis, and adapted it to log the hot-link but also serve up the warning image.
Brilliant stuff and thanks for your help,
Mark.
Posting Permissions
Reply With Quote
Bookmarks