[PLUGIN] Anti-HotLink

ok..noticed you didn't put in img tags in /hooks/user_img.html, so I fixed that and created a fresh icon..

Icon: (put in /hotlink/images)

hotlink.jpg


Fixed code in hooks/user_img.html

PHP: 
<a class=button href="/CMD_PLUGINS/hotlink/index.html">
        <img border="0" src="/CMD_PLUGINS/hotlink/images/hotlink.jpg" width="64" height="64"><br>
        Hotlink Protection
</a>

Also found that the removal process removes TOO much in some cases.

Test sites .htaccess BEFORE using the plugin (Ruby on Rails at webroot level):

PHP: 
 # General Apache options
AddHandler fastcgi-script .fcgi
AddHandler cgi-script .cgi
Options +FollowSymLinks +ExecCGI

# If you don't want Rails to look in certain directories,
# use the following rewrite rules so that Apache won't rewrite certain requests
# 
# Example:
#   RewriteCond %{REQUEST_URI} ^/notrails.*
#   RewriteRule .* - [L]

# Redirect all requests not available on the filesystem to Rails
# By default the cgi dispatcher is used which is very slow
# 
# For better performance replace the dispatcher with the fastcgi one
#
# Example:
#   RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]
RewriteEngine On
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]

# In case Rails experiences terminal errors
# Instead of displaying this message you can supply a file here which will be rendered instead
# 
# Example:
#   ErrorDocument 500 /500.html

ErrorDocument 500 "<h2>Application error</h2>Rails application failed to start properly"

After the plugin enables the prevention:

PHP: 
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^([url]http://[/url]|[url]https://[/url])([url]www.[/url])?(platinumvibes.com).*$ [NC]
RewriteRule \.(jpe?g|gif|bmp|png)$ - [F]
# General Apache options
AddHandler fastcgi-script .fcgi
AddHandler cgi-script .cgi
Options +FollowSymLinks +ExecCGI

# If you don't want Rails to look in certain directories,
# use the following rewrite rules so that Apache won't rewrite certain requests
# 
# Example:
#   RewriteCond %{REQUEST_URI} ^/notrails.*
#   RewriteRule .* - [L]

# Redirect all requests not available on the filesystem to Rails
# By default the cgi dispatcher is used which is very slow
# 
# For better performance replace the dispatcher with the fastcgi one
#
# Example:
#   RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]
RewriteEngine On
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]

# In case Rails experiences terminal errors
# Instead of displaying this message you can supply a file here which will be rendered instead
# 
# Example:
#   ErrorDocument 500 /500.html

ErrorDocument 500 "<h2>Application error</h2>Rails application failed to start properly"

So far ok..puts the code at top..which is fine, no harm no foul. Site still works fine and images are hotlink protected. BUT if you use the plugin to remove the protection:

PHP: 
[ hmm..something missing, ya  think?]

# Redirect all requests not available on the filesystem to Rails
# By default the cgi dispatcher is used which is very slow
# 
# For better performance replace the dispatcher with the fastcgi one
#
# Example:
#   RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]
RewriteEngine On
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]

# In case Rails experiences terminal errors
# Instead of displaying this message you can supply a file here which will be rendered instead
# 
# Example:
#   ErrorDocument 500 /500.html

ErrorDocument 500 "<h2>Application error</h2>Rails application failed to start properly"

Oops. The entire section of original code is missing.

Might want to rethink the removal process. Maybe put the hotlink code within some sort of tags, check for the start tag and delete thru the end tag.
 
Updated it, so it has it's own block of code inside the .htaccess.

Just a heads up! this will change the way the plugin enables/disables! So the old files have to be manually disabled! otherwise it won't remove the old .htaccess code :s

And will probably give an internal server error page
 
Last edited:
Thanks, I'll update it right away.

BTW, feel free to include the icon and usr_img.html code in your plugin...
 
Last edited:
I'm a little confused.
the plugin is installed but it does not appear to work.

this is an image wich should have been replaced by my own antihotlink image:

logo.jpg
 
I get a black image with "Don't Steal Bandwidth...LowBudgetKillers.com...Visit our site instead" with a red m16 behind it.

You probably have the image you are displaying cached in your browser so it's showing. Clear your cache and try again.
 
ah man...
How could I forget about the cache?
:D
Thanks for telling me this... I feel really stupid now.

Anyway... It's working, wich makes me another happy customer
 
after install, i got this error when i go to admin level:

Warning: chgrp(): Operation not permitted in /usr/local/directadmin/plugins/hotlink/user/index.html on line 127 Hotlinking plugin is enabled for mydomain.com
Click to expand...

the above error occur when i click 'save' to update the setting.
 
Sorry guys. New website, cleaned up all the old directories and placed the da plugins in the wrong space. It should be working!
 
this seems to be nice plugin BUT is not it possible for users later to EDIT the settings the he has done? I can not see the settings that I did when I enter Hlink page again.
 
You must log in or register to reply here.
Back
Top