使用htaccess进行图像保护

发布于 2024-12-13 22:51:36 字数 1290 浏览 0 评论 0原文

我即将推出一个摄影网站，并希望为我的图像提供一些保护。我在网上搜索的结果如下：

#Set FollowSymLinks, in most cases already set on the server
Options +FollowSymLinks
#Enable Indexes
Options +Indexes
#Turn on the Rewrite Engine
RewriteEngine on
#Allow my domain
RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?mydomain.com [NC]
#Allow another domain
#RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?anotherdomain.com [NC]
#Allow blank referrers or delete this line to block them
#Deleting this line also blocks access to images by filepaths
RewriteCond %{HTTP_REFERER} !^$
#Allow search engines
RewriteCond %{HTTP_REFERER} !google. [NC]
RewriteCond %{HTTP_REFERER} !search?q=cache [NC]
RewriteCond %{HTTP_REFERER} !msn. [NC]
RewriteCond %{HTTP_REFERER} !yahoo. [NC]
#File types to be blocked
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
#OR
#First allow an image to be hotlinked to avoid looping
#RewriteCond %{REQUEST_URI} !^mydomain.com/image/hotlinker.gif$
#Then display it as a custom image
#RewriteRule .(jpg|jpeg|png|gif)$ mydomain.com/image/hotlinker.gif [NC,R,L]

1）有没有一种方法可以阻止通过输入其文件路径来调用图像，而不涉及阻止空白引荐来源网址？我在一些情况下想这样做，但不是整个网站。

2) 我是否有正确的代码来允许 Google、MSN 和 Yahoo 正确访问我的图像？

3）我拥有的代码是从多个来源合并的。由于我不了解语法，我想知道为什么只有第一个没有替代图像的 RewriteRule 以 \ 开头，而不是第二个？

感谢任何反馈，谢谢。

原文

I am close to launching a photography website and want to give some protection to my images. I have the following as a result of searching on the web:

#Set FollowSymLinks, in most cases already set on the server
Options +FollowSymLinks
#Enable Indexes
Options +Indexes
#Turn on the Rewrite Engine
RewriteEngine on
#Allow my domain
RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?mydomain.com [NC]
#Allow another domain
#RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?anotherdomain.com [NC]
#Allow blank referrers or delete this line to block them
#Deleting this line also blocks access to images by filepaths
RewriteCond %{HTTP_REFERER} !^$
#Allow search engines
RewriteCond %{HTTP_REFERER} !google. [NC]
RewriteCond %{HTTP_REFERER} !search?q=cache [NC]
RewriteCond %{HTTP_REFERER} !msn. [NC]
RewriteCond %{HTTP_REFERER} !yahoo. [NC]
#File types to be blocked
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
#OR
#First allow an image to be hotlinked to avoid looping
#RewriteCond %{REQUEST_URI} !^mydomain.com/image/hotlinker.gif$
#Then display it as a custom image
#RewriteRule .(jpg|jpeg|png|gif)$ mydomain.com/image/hotlinker.gif [NC,R,L]

1) Is there a way to stop an image being called up by entry of its filepath that does not involve blocking blank referrers? I have a few instances where I would like to do this, but not the entire site.

2) Do I have the correct code to allow Google, MSN and Yahoo proper access to my images?

3) The code I have is merged from more than one source. As I have no knowledge of the syntax, I’m wondering why only the first RewriteRule without a substitute image starts with a \ and not the second one?

Appreciate any feedback, thanks.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

浸婚纱 2024-12-20 22:51:36

1) 有没有一种方法可以阻止通过输入图像的文件路径来调用图像，并且不涉及阻止空白引荐来源网址？我在一些情况下希望这样做，但不是整个网站。

我认为没有办法，但您可以在 RewriteCond 中列出一组单独的规则的例外情况：

# Check to see if referer is blank
RewriteCond %{HTTP_REFERER} ^$
# Check to see if it isn't one of the files we're going to allow blank referers
RewriteCond %{REQUEST_URI} !^/images/allow_blank_referer/
RewriteCond %{REQUEST_URI} !profile_picture\.png$
# Block images
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]

该示例将阻止所有空白引用，除了来自 /images/allow_blank_referer/ 的任何请求图像和任何以 profile_picture.png 结尾的图像。

2) 我是否有正确的代码来允许 Google、MSN 和 Yahoo 正确访问我的图像？

不，您的 .htaccess 中包含这些行：

RewriteCond %{HTTP_REFERER} !google. [NC]
RewriteCond %{HTTP_REFERER} !search?q=cache [NC]
RewriteCond %{HTTP_REFERER} !msn. [NC]
RewriteCond %{HTTP_REFERER} !yahoo. [NC]

只需允许加载从 google/msn/yahoo 及其搜索缓存链接的图像的人即可。例如，如果有人在谷歌上进行图像搜索并点击您的一张图像，您不会阻止他们。

为了确保 google、msn 和 yahoo 机器人不会被阻止，您需要检查 HTTP_USER_AGENT，例如，在您可以插入的重写条件下：

RewriteCond %{HTTP_USER_AGENT} !googlebot [NC]
RewriteCond %{HTTP_USER_AGENT} !msnbot [NC]
RewriteCond ${HTTP_USER_AGENT} !slurp [NC]

如果这 3 件事中的任何一个是，则这些将绕过引用检查存在于用户代理（slurp = Yahoo！）中，您可以从 http://www.robotstxt.org/db.html

3) 我拥有的代码是从多个来源合并的。由于我不了解语法，我想知道为什么只有第一个没有替换图像的 RewriteRule 以 \ 开头，而不是第二个？

第一个有一个“\”来转义“.”。这 ”。”正则表达式中的任何内容都匹配，有点像通配符，“\”对其进行转义，意思是“我真正的意思是句点而不是通配符”。注释掉的 RewriteRule 缺少“\”，可能是因为有人偷懒。它仍然会匹配以 .gif 结尾的请求，但它也会匹配以 zgif 结尾的请求，而第一个 RewriteRule 则不会。如果您打算使用注释掉的 RewriteRule（如果您这样做，请确保注释掉 RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]），我建议在第一个句点前面加上“\”。

1) Is there a way to stop an image being called up by entry of its filepath that does not involve blocking blank referrers? I have a few instances where I would like to do this, but not the entire site.

I don't think there's a way, but you can list the exceptions in RewriteCond for a separate set of rules:

# Check to see if referer is blank
RewriteCond %{HTTP_REFERER} ^$
# Check to see if it isn't one of the files we're going to allow blank referers
RewriteCond %{REQUEST_URI} !^/images/allow_blank_referer/
RewriteCond %{REQUEST_URI} !profile_picture\.png$
# Block images
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]

That example will block all blank referers, except any requesting images from /images/allow_blank_referer/ and any image that ends with profile_picture.png.

2) Do I have the correct code to allow Google, MSN and Yahoo proper access to my images?

No, these lines you have in your .htaccess:

RewriteCond %{HTTP_REFERER} !google. [NC]
RewriteCond %{HTTP_REFERER} !search?q=cache [NC]
RewriteCond %{HTTP_REFERER} !msn. [NC]
RewriteCond %{HTTP_REFERER} !yahoo. [NC]

Simply allow people who load an image linked from google/msn/yahoo and their search caches. For example, if someone does an image search on google and clicks on one of your images, you won't block them.

What you'd want to do to ensure google, msn, and yahoo bots won't be blocked is to check the HTTP_USER_AGENT, for example, underneath those rewrite conditions you can insert:

RewriteCond %{HTTP_USER_AGENT} !googlebot [NC]
RewriteCond %{HTTP_USER_AGENT} !msnbot [NC]
RewriteCond ${HTTP_USER_AGENT} !slurp [NC]

Those will bypass referer checks if any of those 3 things are present in the user agent (slurp = Yahoo!), you can get a list of user-agents from places like http://www.robotstxt.org/db.html

3) The code I have is merged from more than one source. As I have no knowledge of the syntax, I’m wondering why only the first RewriteRule without a substitute image starts with a \ and not the second one?

The first has a "\" to escape the ".". The "." in a regular expression matches anything, kind of like a wildcard and the "\" escapes it, meaning "I really mean the period and not the wildcard". The commented out RewriteRule is missing "\" probably because someone was being lazy. It will still match a request ending in, for example, .gif, but it will also match something ending in zgif whereas the first RewriteRule would not. If you are going to use the commented out RewriteRule (if you do, make sure to comment out RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]), I'd suggest putting a "\" in front of that first period.

回复收藏 0 原文

听闻余生 2024-12-20 22:51:36

因此，我更正后的进入根目录的代码将如下所示。

#Set FollowSymLinks, in most cases already set on the server
Options +FollowSymLinks
#Enable Indexes
Options +Indexes
#Turn on the Rewrite Engine
RewriteEngine on
#Allow my domain
RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?mydomain.com [NC]
#Allow another domain
#RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?anotherdomain.com [NC]
#Allow blank referrers or delete this line to block them
#Deleting this line also blocks access to images by filepaths
RewriteCond %{HTTP_REFERER} !^$
#Allow users to follow images from search engines
RewriteCond %{HTTP_REFERER} !google. [NC]
RewriteCond %{HTTP_REFERER} !search?q=cache [NC]
RewriteCond %{HTTP_REFERER} !msn. [NC]
RewriteCond %{HTTP_REFERER} !yahoo. [NC]
#Ensure search engines aren't blocked from indexing images (slurp is yahoo)
RewriteCond %{HTTP_USER_AGENT} !googlebot [NC]
RewriteCond %{HTTP_USER_AGENT} !msnbot [NC]
RewriteCond ${HTTP_USER_AGENT} !slurp [NC]
#File types to be blocked
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
#OR
#First allow an image to be hotlinked to avoid looping
#RewriteCond %{REQUEST_URI} !^mydomain.com/image/hotlinker.gif$
#Then display a custom image
#RewriteRule \.(jpg|jpeg|png|gif)$ mydomain.com/image/hotlinker.gif [NC,R,L]

关于我的问题1），我的场景是一个专用文件夹，其中包含一些我试图提供一些保护的图像（我已经完成了所有明显的html和javascript内容，我知道这些内容并不能完全证明）。

如果我在其中放置 .htaccess 来停止图像缓存或索引（尽管我的 robots.txt 应该阻止这种情况），是否也可以检测非空白引荐来源网址并仅对其应用文件路径限制？只留下空白的引用者，可以通过文件路径检索图像。

我的 .htaccess 看起来像这样，根据我上面的问题：

<FilesMatch "\.(jpg|jpeg|png|gif|bmp)$">
Header set Cache-Control: "no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0"
</FilesMatch>
#Set FollowSymLinks, in most cases already set on the server
Options +FollowSymLinks
#Enable Indexes
Options +Indexes
#Turn on the Rewrite Engine
RewriteEngine on
#Allow my domain
RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?mydomain.com [NC]
#TEST HERE IF THE USER IS NOT A BLANK REFERRER
?????????????????????????????
#IF NOT BLOCK ACCESS TO IMAGES BY ENTERING FILEPATH
RewriteCond %{HTTP_REFERER} ^$
#File types to be blocked
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]

我希望这是有道理的。谢谢

So my corrected code to go in the root directory would look like this.

#Set FollowSymLinks, in most cases already set on the server
Options +FollowSymLinks
#Enable Indexes
Options +Indexes
#Turn on the Rewrite Engine
RewriteEngine on
#Allow my domain
RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?mydomain.com [NC]
#Allow another domain
#RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?anotherdomain.com [NC]
#Allow blank referrers or delete this line to block them
#Deleting this line also blocks access to images by filepaths
RewriteCond %{HTTP_REFERER} !^$
#Allow users to follow images from search engines
RewriteCond %{HTTP_REFERER} !google. [NC]
RewriteCond %{HTTP_REFERER} !search?q=cache [NC]
RewriteCond %{HTTP_REFERER} !msn. [NC]
RewriteCond %{HTTP_REFERER} !yahoo. [NC]
#Ensure search engines aren't blocked from indexing images (slurp is yahoo)
RewriteCond %{HTTP_USER_AGENT} !googlebot [NC]
RewriteCond %{HTTP_USER_AGENT} !msnbot [NC]
RewriteCond ${HTTP_USER_AGENT} !slurp [NC]
#File types to be blocked
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
#OR
#First allow an image to be hotlinked to avoid looping
#RewriteCond %{REQUEST_URI} !^mydomain.com/image/hotlinker.gif$
#Then display a custom image
#RewriteRule \.(jpg|jpeg|png|gif)$ mydomain.com/image/hotlinker.gif [NC,R,L]

With regard to my question 1), the scenario I have is a dedicated folder containing a few images that I am trying to offer some protection (I have done all the obvious html and javascript stuff which I know is not full proof).

If I put an .htaccess in there to stop the images caching or being indexed (although my robots.txt should prevent this) would it be possible also to detect non blank referrers and apply the file path restriction just to them? Leaving just blank referrers who can retrieve the images via file path.

My .htaccess would look something like this, subject to my question above:

<FilesMatch "\.(jpg|jpeg|png|gif|bmp)$">
Header set Cache-Control: "no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0"
</FilesMatch>
#Set FollowSymLinks, in most cases already set on the server
Options +FollowSymLinks
#Enable Indexes
Options +Indexes
#Turn on the Rewrite Engine
RewriteEngine on
#Allow my domain
RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?mydomain.com [NC]
#TEST HERE IF THE USER IS NOT A BLANK REFERRER
?????????????????????????????
#IF NOT BLOCK ACCESS TO IMAGES BY ENTERING FILEPATH
RewriteCond %{HTTP_REFERER} ^$
#File types to be blocked
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]

I hope this makes sense. Thanks

回复收藏 0 原文

~没有更多了~