A few weeks ago I thought I would be cool and make life hard for people who want to steal my bandwidth by linking to my images from their webpages. Not that I have many images to steal, but I thought it was a good idea for if I ever did. (I got the idea from not.so.soft, but I can't find it again.) I did this with mod_rewrite:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://niceperson.org/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.niceperson.org/.*$ [NC]
ReWriteRule .*\.(gif|png|jpg)$ - [N,F,L]
This worked fine, and I didn't think anything more about it, even when Maggie complained that some of my images didn't work any more in IE. Then I noticed this kind of 403 in my logs:
$IP_ADDRESS - - [$DATE] "GET /images/$IMAGE.jpg HTTP/1.1" 403 328 "http://www.niceperson.org" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)"
First I thought I might have blocked that user-agent, but then I realized that I had been matching the trailing slash at the end of the domain, and this one version of MSIE doesn't send the trailing slash in the referrer field. So the requests were 403'ing! I have removed the slash from my patterns, but I find it rather amusing that of all the user-agents that have looked at my page, this is the only one with this quirk.
Kevin says:
I find the recent craze of using mod_rewrite for everything a little strange. The same kind of trick can be achieved using mod_access:
It's not that mod_rewrite isn't extremely cool, because it is, I love it, it's just a bit overkill in some cases. Maybe I'm just a cranky old fart.