I use this as anti-hotlink protection for images. example.com is the domain which is allowed to hotlink images while all other domains are denied. This code also allows direct requests to image files using a browser's URL bar, but not hotlinking from another site.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://example.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://example.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.com$ [NC]
RewriteRule .*\.(.*.*.*gif|jpg|jpeg|png|bmp|tif|tiff)$ [url]http://example.com/403.shtml[/url] [R,NC]

This example blocks entire file extensions. As an alternative, does anyone know how to change the info in the last line of this so that it will block hotlink access to a specific file such as example.jpg or even example.php?

Prevent Hot Linking section

The only anti-hotlink code I found on that page blocks entire extensions and not single files. I need to block hotlink access to a single PHP file.

I use this as anti-hotlink protection for images. example.com is the domain which is allowed to hotlink images while all other domains are denied. This code also allows direct requests to image files using a browser's URL bar, but not hotlinking from another site.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://example.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://example.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.com$ [NC]
RewriteRule .*\.(.*.*.*gif|jpg|jpeg|png|bmp|tif|tiff)$ [url]http://example.com/403.shtml[/url] [R,NC]

This example blocks entire file extensions. As an alternative, does anyone know how to change the info in the last line of this so that it will block hotlink access to a specific file such as example.jpg or even example.php?

Vectro:

To restrict access to a specific file, add the following code block and edit the file name, “secretfile.php”, with the name of the file that you wish to protect:

You can put this in a your site's root .htaccess or an .htaccess of it's own in the directory that contains /path/to/secretfile.php.

# prevent viewing of a specific file
<files secretfile.php>
 order allow,deny
 deny from all
</files>

Sometimes I will make you do the work, and sometimes I won't.
Here's a freebie: http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/

Vectro:

To restrict access to a specific file, add the following code block and edit the file name, “secretfile.php”, with the name of the file that you wish to protect:

You can put this in a your site's root .htaccess or an .htaccess of it's own in the directory that contains /path/to/secretfile.php.

# prevent viewing of a specific file
<files secretfile.php>
 order allow,deny
 deny from all
</files>

Sometimes I will make you do the work, and sometimes I won't.
Here's a freebie: http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/

I believe your code would restrict ALL access to that file, not just hotlinkers. So, I don't believe this would help me. I'm also aware of the page you linked. It includes examples of hotlink protection for entire extensions, but not for individual files.

I think someone in another forum has showed me something more along the lines of what I need. I haven't test it yet, but just to show you:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example.com/ [NC]
RewriteRule ^browse\.php$ http://example.com/403.shtml [R,NC]

I think this would restrict hotlink access to browse.php while still alowing example.com to link to it and would also allow direct requests via the URL bar in the browser. Can anyone confirm this?

I finally got around to testing the above code myself and it worked perfectly.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.