Is there a .htaccess script I can use to redirect the url of an image to an actual web page?
What can I do to make it so when someone accesses an image via their address bar by typing in: http://www.sitename.com/uploads/192-file-name-here.jpg
or other extensions like
http://www.sitename.com/uploads/235-file-name-here.png
It will instead redirect the user to the web page:
http://www.sitename.com/view/192-file-name-here/
I want to still be able to place the images in image tags across the site and on external sites though.
RewriteCond %{HTTP_REFERER} !^https?:\\www\.sitename\.com
RewriteCond %{REQUEST_URI} (.*)\.jpg$
RewriteRule images/(\d+)\.jpg http://www.sitename.com/view/$1.html [L,R=301]
RewriteCond %{HTTP_REFERER} ^$
Can this be modified/re-written to perform my function?
put this in your .htaccess, it will redirect all requests that are sent directly by user.Note: Other sites,as you mentioned can put your images in their pages.
RewriteCond %{REQUEST_URI} ^/uploads/(\d+)-(.+)\.(png|gif|jpe?g|bmp)$ [NC]
RewriteCond %{HTTP_REFERER} ^$
RewriteRule (.*) http://www.sitename.com/view/%1-%2/
Yes you can always redirect images to a webpage or anything using .htaccess.
But images/(\d+).*\.jpg may be better.
Related
I have a registration page from my website portal but I want to allow it to be loaded only if the previous domain was the PayPal domain (for example). That way I would garantee that even if a bot scanned my WordPress instance (which is not difficult), it could not register.
I know that mod_rewrite can prevent hotlinking, and allow specific domains to load that content.
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mydomain.com [NC]
RewriteRule \.(jpe?g|gif|bmp|png)$ https://example/404.jpg [NC,L]
But is it possible using a normal URL? That is, not a file, but a page?
You could use (assuming your registration link is, e.g. /wp-login.php?action=register)
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?paypal.com [NC]
RewriteCond %{QUERY_STRING} ^action=register$
RewriteRule ^wp-login.php index.php [NC,L]
..to redirect to index.php if someone tried to register without coming from paypal (headers can be spoofed, of course)
Yes, you can use the HTTP_REFERER for any URL. Add this to your .htaccess:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?paypal.com [NC]
RewriteCond %{REQUEST_URI} ^/your-registration-url$ [NC]
RewriteRule ^your-registration-url$ https://website.com/404 [R=301,L]
That would redirect anyone visiting your registration URL not having paypal.com as the referrer to a website.com/404 or whatever page you choose to redirect them to.
I want to prevent people from getting the images of my website by typing in the URLs in browser address bar, while allowing them to view the images on when visiting the webpages.
I tried the following .htaccess code:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www\.)?localhost [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?localhost.*$ [NC]
RewriteRule \.(gif|jpg|png)$ - [F]
However, it not only restricts direct URL access, but also hides all of images even when visiting the webpage. Now my website looks like a page of text with a lot of image holes.
Can anyone tell me why the above .htaccess doesn't work?
I found it here (htaccess) How to prevent a file from DIRECT URL ACCESS?, but I don't have enough reputation to ask in that post, because I just created this account to post this question.
Thanks.
Returns 403 (Forbidden) if you access image directly, but allows them to be displayed on site. It works, but testing can be tricky/misleading. Read about it in questions/10236717/htaccess-how-to-prevent-a-file-from-direct-url-access
Another way to prevent hotlinking is like this (from: htaccess generators
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
I have an issue writing some regex to go inside my htaccess file.
Basically, my site has been setup so that index.php and all other site files are not in the root (public_html) directory but instead are in http://fitnessquiz.co.uk/fitnessquiz.co.uk/
Initially I tried the following in my public_html folder:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^fitnessquiz.co.uk$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www.fitnessquiz.co.uk$
RewriteCond %{REQUEST_URI} !fitnessquiz.co.uk/
RewriteRule (.*) /fitnessquiz.co.uk/$1 [L]
which correctly navigates to my homepage and displays the url correctly but then when I click any link I get a "no input file specified" message. So then I tried replacing with:
RewriteCond %{REQUEST_URI} !^/fitnessquiz.co.uk/
RewriteRule ^(.*)$ /fitnessquiz.co.uk/$1 [L,R=301]
After which the site works but every url looks like this:
http://fitnessquiz.co.uk/fitnessquiz.co.uk/someotherfolder/etc.php
I've tried various htaccess regex solutions listed elsewhere on here but none seem to work, how do I accomplish both of these things i.e. redirect to /fitnessquiz.co.uk for every url but hide the duplicate url name/folder. Im on a shared server so don't have permissions to change any server/apache settings directly.
According to this answer by nuked on a previous post you could try:
RewriteCond %{THE_REQUEST} ^GET\ /fitnessquiz.co.uk/
RewriteCond %{HTTP_HOST} ^(www\.)?fitnessquiz.co.uk$
RewriteRule ^fitnessquiz.co.uk/(.*) /$1 [L,R=301]
RewriteCond %{HTTP_HOST} ^(www\.)?fitnessquiz.co.uk$
RewriteRule !^fitnessquiz.co.uk/ fitnessquiz.co.uk%{REQUEST_URI} [L]
This set of rules worked for me on a very similar situation. I had employed the same cure, (re-direct if calling the folder and hide after re-writing it) but I never got the order right on my own. Thus I kept seeing the page not found errors too. Below is my attempt to explain the actions, for my own learning, hopefully others too.
RewriteCond %{THE_REQUEST} ^GET\ /fitnessquiz.co.uk/
Is asking the question, does THE_REQUEST contain the subfolder you need to hide?
RewriteCond %{HTTP_HOST} ^(www\.)?fitnessquiz.co.uk$
Checks if the request is for the correct host.
RewriteRule ^fitnessquiz.co.uk/(.*) /$1 [L,R=301]
Rewrite the URL as one without the subfolder and call the new link in the redirected browser. Note:
L : Last step. Stop processing other rules
R=301 : After re-writing, redirect the browser to the new URL.
When the page is redirected it has no subfolder so the first RewriteRule is skipped. And then
RewriteCond %{HTTP_HOST} ^(www\.)?fitnessquiz.co.uk$
checks if calling the right host. And then
RewriteRule !^fitnessquiz.co.uk/ fitnessquiz.co.uk%{REQUEST_URI} [L]
rewrites the url that has not the subfolder to use the correct subfolder without redirecting the page, and while hiding actual subfolder from the browser. Again note:
L : Last step. Stop processing other rules
We only want users from a specific website to use our services. Is there a way to redirect all traffic that does not come from a specific referrer, to a website of our choosing, via htaccess?
Also, this is for the first page only. So if they get to our site, they're going to browse a new page, and their referrer for the new page would apparently be the site they are already on.
Thank you!
Try adding this in the htaccess file in your document root:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://the-ok-domain.com [NC]
RewriteRule ^/?first-page.html$ http://the-website-of-your-choosing.com/ [L,R]
You could also make it so you add your own domain to the referer check:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://the-ok-domain.com [NC]
RewriteCond %{HTTP_REFERER} !^http://your-domain.com [NC]
RewriteRule ^ http://the-website-of-your-choosing.com/ [L,R]
Then you can include all of your pages in the check.
Note that referers can be easily forged and any htaccess file using mod_rewrite in any of your subdirectories will supercede these rules (unless those htaccess files have the RewriteOptions inheret option set)
Didn't work for me, I've made this small change to redirect traffic from google:
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^(.*)\.google\.(.*) [NC]
RewriteRule ^(.*)$ https://www.my-site.it/$1 [L,R]
Dear folks,
Imagine a One Page Site
RewriteCond %{HTTP_HOST} ^1pagesite.org$
RewriteRule ^$ 1pagesite.php [L]
Currently, the home page does present the 1pagesite.php correctly.
However, when another file is requested say, test.php which is on the server indeed, that test.php is shown!, while I would like to point ALL and ANY trafic towards 1pagesite.php for the time being. How to make this happen sothat no other file or folder/file or anything after this domain is presented and everything is directed towards 1pagesite.php?
Thanks very much for hints and suggestions to solve this puzzle. Cheers, Sam
RewriteRule ^.*(html|php)$ 1pagesite.php [L]
Note: This redirects only request to .html and .php pages
Can you try this rule:
RewriteCond %{HTTP_HOST} ^1pagesite.org$ [NC]
RewriteCond %{REQUEST_URI} !1pagesite.php$
RewriteRule \.(php|html)$ /1pagesite.php [R=302,L]
to redirect only php and html pages to 1pagesite.php
Your redirection only match ^$ that is to say only the root page (empty string).
RewriteCond %{HTTP_HOST} ^1pagesite.org$
RewriteRule ^.*$ 1pagesite.php [L]
So every request will be redirected to 1pagesite.php page (images, css, ... as Sander said).
If you need to filter some content you can add a
RewriteCond %{REQUEST_FILENAME} !^.*\.(css|jpg)$
to enable .css and .jpg file from your / directory to be served. This can be customized for other subdirecories files etc...