Prevent hotlinking

Michael Shadle mike503 at gmail.com
Sun Apr 12 22:44:35 MSD 2009


And video embedding is infamous for not sending info. At least windows  
media player type embedding. Not sure if flash players are better.

On Apr 12, 2009, at 11:35 AM, Gabriel Ramuglia <gabe at vtunnel.com> wrote:

> Your browser will almost always send referrers. As mentioned,
> sometimes a security suite will block referrers. Sometimes flash won't
> send referrers when it makes requests (sometimes it will). You just
> want to also allow blank referrers in addition to the "correct"
> referrers.
>
> On Sun, Apr 12, 2009 at 10:41 AM, Max <maxbear at gmail.com> wrote:
>> Hello,
>>
>> Thanks. I tried that. But it's still not working. I am using  
>> wordpress.
>> Don't know what referrer header wordpress send.
>>
>> Max
>>
>> On Mon, Apr 13, 2009 at 12:40 AM, Michael Shadle  
>> <mike503 at gmail.com> wrote:
>>>
>>> Try
>>>
>>> "valid_referers none blocked *.etc.com etc"
>>>
>>> perhaps you're not sending a referrer header. Some "internet  
>>> security
>>> suites" do that for "privacy" and I hate them. or malfunctioning
>>> browsers or some browsers include that option now.
>>>
>>> that's the only thing I see wrong there.
>>>
>>> On Sun, Apr 12, 2009 at 8:45 AM, Max <maxbear at gmail.com> wrote:
>>>> Hello all,
>>>>
>>>> I tried to use the following code to prevent hotlinking. But it  
>>>> blockes
>>>> myself as well, anyone got any idea?
>>>>
>>>> location ~* (\.jpg|\.png|\.css)$ {
>>>>     valid_referers blocked domain.com *.domain.com;
>>>> if ($invalid_referer) {
>>>> return 404;
>>>> }
>>>> }
>>>>
>>>> Thanks.
>>>>
>>>> Max
>>>>
>>>>
>>>
>>
>>
>





More information about the nginx mailing list