Log in

No account? Create an account
.htaccess Rewrite Engine gotcha - abates
Brilliant but slightly odd but very nice

Alden Bates
Date: 2004-05-31 21:42
Subject: .htaccess Rewrite Engine gotcha
Security: Public
I've been wondering why my 403 (access denied) scripts for my music and NZDWFC subdomains on my site weren't working. They log all hits from sites attempting to hotlink to my graphics - a while back I inserted some mod_rewrite voodoo into the .htacces file on tetrap.com to prevent all hotlinking, including on the domains.

I decided to try an experiment - I banned my own IP and tried to access the NZDWFC site. I got a 403 error, and the 403 script logged the error properly, so the scripts were OK.

I then tested the hotlinking by translating a page in Google. The graphics loaded. The image hotlinking protection on the two subdomains was broken. Buggery.

It turned out to be because I'd added mod_rewrite blocks to the .htaccess files for the subdomains, in order to redirect www.music.tetrap.com to the shorter music.tetrap.com. Apparently these rewrite blocks overrode the one in the .htaccess file for the domain as a whole, and that's where the voodoo for banning hotlinks was located. Fixing it was a matter of copying the appropriate hotlink prevention lines into the .htaccess files on both subdomains.

I now anticipate a flood of failed hotlink attempts, as no doubt people have been linking to album covers like mad.
Post A Comment | | Link

August 2016