hotlinking protection doesn’t seem to work

  • Resolved Dave

    (@dvaer)


    3 years ago

    Hi,

    I’m generally very happy with this plugin and use it on various website. I decided to test the image hotlinking feature and ticked the box to prevent image hotlinking here https://[mysite]/wp-admin/admin.php?page=aiowpsec_firewall&tab=tab5

    But when I test whether an image can be hotlinked, it’s still possible to do so.
    So it looks like the feature to prevent image hotlinking doesn’t currently work.

    I’ve used this site to test: https://altlab.com/hotlinkchecker.php

    I can see this code on my .htaccess file: 

    #AIOWPS_PREVENT_IMAGE_HOTLINKS_START
<IfModule>
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} \.(gif|jpe?g?|png)$ [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(.*)?\.mywebsite\.com [NC]
RewriteRule \.(gif|jpe?g?|png)$ - [F,NC,L]
</IfModule>
#AIOWPS_PREVENT_IMAGE_HOTLINKS_END

    This is a fresh wordpress installation (version 5.8.2) with the default theme (twentytwentyone) and the latest version of AIOWPS (version 4.4.9). The site has no other plugins and no other modifications.

Viewing 1 replies (of 1 total)
  • Plugin Support vupdraft

    (@vupdraft)

    Hi,

    Could you try updating your .htacesss by replacing this,
    RewriteCond %{HTTP_REFERER} !^http(s)?://(.*)?\.mywebsite\.com [NC]
    RewriteRule \.(gif|jpe?g?|png)$ – [F,NC,L]

    With this:
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
    RewriteRule \.(jpg|jpeg|png|gif)$ – [NC,F,L]

    Does this make any difference at all?

Viewing 1 replies (of 1 total)
  • The topic ‘hotlinking protection doesn’t seem to work’ is closed to new replies.