top button
Flag Notify
    Connect to us
      Facebook Login
      Site Registration

Facebook Login
Site Registration

mod_rewrite in httpd/apache?

0 votes

I am a bit confused about the mod_rewrite documentation. It shows this rule to block hotlinking:

RewriteCond "%{HTTP_REFERER}" "!^$"
RewriteCond "%{HTTP_REFERER}" "!" [NC]
RewriteRule ".(gif|jpg|png)$" "-" [F,NC]

however, I'd think a better rule would be:

RewriteCond "%{HTTP_REFERER}" "^$" [OR]
RewriteCond "%{HTTP_REFERER}" "!(www.)?*$" [OR,NC]
RewriteRule ".(gif|jpg|png)$" "-" [F,NC]

if I want to block anyone manually typing in a link (no referer) + hotlinking (probably has a referer). Do i need the [OR] on the 1st
RewriteCond and not the 2nd one? It seems to work with OR on both conditions.

posted Oct 12, 2015 by Ahmed Patel

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

2 Answers

0 votes
 RewriteCond "%{HTTP_REFERER}" "!^$"
 RewriteCond "%{HTTP_REFERER}" "!" [NC]
 RewriteRule ".(gif|jpg|png)$"  "-" [F,NC]

Thats not what I see at but that doesnt really matter. I mention it only to point out that you really should be specific when stating what documentation you are reading. In this case a URL would have been a good idea.
however, Id think a better rule would be:

RewriteCond "%{HTTP_REFERER}" "^$" [OR]
RewriteCond "%{HTTP_REFERER}" "!(www.)?*$" [OR,NC]
RewriteRule ".(gif|jpg|png)$" "-" [F,NC]

Also the [OR] on the second RewriteCond does nothing since it isnt followed by another RewriteCond. You also dont need the first RewriteCond since by definition an empty HTTP_REFERER wont match pattern.

answer Oct 12, 2015 by Naveena Garg
0 votes

If you want to forbid access to images when the referrer is empty, just remove the first RewriteCond (the case is caught by the second one already). The [OR] on the second one is ignored.

answer Oct 13, 2015 by Satish Mishra
Similar Questions
0 votes

In my apache configuration, I am using a scripting language (tcl through apache rivet) which implements a "heavy" application, something that takes some minutes to start when apache starts a new process.

Is there a way to "separate" these "heavy" apache processes from the rest of the apache?

I.e. when the url is "/my_heavy_service" redirect the request to the apache which has the "heavy" application loaded, and the rest of the requests be handled by an apache with does not even has mod_rivet loaded?

Like starting an apache on a different port (i.e. 8123), which loads my application, and starting a "normal" apache on port 80, which serves all requests except some, which are directed to the server in port 8123.

In general I think it can be done (i.e.:,
but is a way to do this in fedora 19, and keep all this "systemctl * httpd" stuff?

Has anyone attempted this?

+1 vote

In our setup, we need to do conditional-redirects. Till now, we were able to accomplish them, by using a smart combination of "RewriteCond", "RewriteRule" and "QSA".

However, we now face a situation, wherein we need to do re-directs, only if the original-URL does not contain POST-variables/parameters (although they may contain any number of GET-variables). Going through the "mod_rewrite" documentation, I could not find any way to do conditional-redirect, for URLs containing POST-variables/parameters.

Is it even possible to accomplish via HTTPD?

+2 votes

I'm trying to set DocumentRoot and the following directory directive relative to ServerRoot:

DocumentRoot "../web"

DocumentRoot is working, but the Directory directive is not. It won't match. If I change the directory directive to an absolute path it will work. Any idea how I can get this to work?

0 votes

My System : CentOS Linux release 7.2.1511 (Core)
My Apache version : Apache/2.4.6 (CentOS)

I have configured two httpd instance.

I'm looking for a way to use "apachectl fullstatus" command for the second instance. Is this possible?

Contact Us
+91 9880187415
#280, 3rd floor, 5th Main
6th Sector, HSR Layout
Karnataka INDIA.