Is there any way?

I have a small php script i want to run each time somthing is accessed on my
server, pictures, movies, html... everything

sorta like a header on every single file, is that possible?


its a bandwidth script, to stop people from linking files from outside my
site....

im not sure if theres a proper way to do this but this is the only way i can
think of to get it to work

On Thu, 8 Jul 2004 23:50:54 -0400, "Sir_Civik" <sir@sircivik.ca>
wrote:

>I have a small php script i want to run each time somthing is accessed on my
>server, pictures, movies, html... everything
>
>sorta like a header on every single file, is that possible?
>
>
>its a bandwidth script, to stop people from linking files from outside my
>site....
>
>im not sure if theres a proper way to do this but this is the only way i can
>think of to get it to work
>

You could try to serve everything "through" the PHP script, but that
would decrease your flexibility since, as far as I'm aware, PHP can't
start Apache sub-requests to handle CGI scripts, PHP scripts, etc.

You can do this much more efficiently with mod_rewrite, assuming
you're using Apache. Here's an example of how to "block" requests for
disk-based images based on the HTTP referer (sic) header:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www\.domain\.com/.*$ [NC]
RewriteCond %{REQUEST_URI} !^/public_image\.jpg
RewriteRule .*\.(jpg|gif|png)$ - [F]

The first two RewriteCond lines "turn off" the rewrite rule if there
is no referer header or if the referer header is from your domain. If
you also allow it without the "www" you need a separate line for that,
although I usually take the approach of redirecting one to the other
so that my site only has one canonical URL.

The final RewriteCond line is an example of how to allow one specific
image to be linked from offsite.

The final line is the rule itself: any URLs ending in .jpg, .gif or
..png are Forbidden.

Technically, you should also add a "Vary" header to the response to
tell any intermediate caches that the Referer header affects the
response, but I know of no easy way to make Apache add headers with
the standard modules.

For the above to work, you must have mod_rewrite loaded. It's compiled
into the distribution from Apache.org, so unless you compiled it
yourself you should have it.

Good luck,
-Claire

ok i thank you for all the help

i know where to enable the module, but where do i put thoes lines?

basiclly i just one 1 directory that's going to have pictures in it to not
be leeched, i'm going to have these on my site, and a few of them imbedded
in a forum, but that's where they'll be stolen from, i don't care if people
save them, i just don't want to host it as it goes from forum to forum... i
just want them to be allowd on the one

I already have a custom 403 document, will doing this show them that or can
i set it to show one specific to leeching that i made?

thanks in advace


"Claire Tucker" <fake@invalid.invalid> wrote in message
news:oodte09nr7eh4ptitang8f9codbtbktcfe@4ax.com...
> On Thu, 8 Jul 2004 23:50:54 -0400, "Sir_Civik" <sir@sircivik.ca>
> wrote:
>
> >I have a small php script i want to run each time somthing is accessed on
my
> >server, pictures, movies, html... everything
> >
> >sorta like a header on every single file, is that possible?
> >
> >
> >its a bandwidth script, to stop people from linking files from outside my
> >site....
> >
> >im not sure if theres a proper way to do this but this is the only way i
can
> >think of to get it to work
> >
>
> You could try to serve everything "through" the PHP script, but that
> would decrease your flexibility since, as far as I'm aware, PHP can't
> start Apache sub-requests to handle CGI scripts, PHP scripts, etc.
>
> You can do this much more efficiently with mod_rewrite, assuming
> you're using Apache. Here's an example of how to "block" requests for
> disk-based images based on the HTTP referer (sic) header:
>
> RewriteEngine on
> RewriteCond %{HTTP_REFERER} !^$
> RewriteCond %{HTTP_REFERER} !^http://www\.domain\.com/.*$ [NC]
> RewriteCond %{REQUEST_URI} !^/public_image\.jpg
> RewriteRule .*\.(jpg|gif|png)$ - [F]
>
> The first two RewriteCond lines "turn off" the rewrite rule if there
> is no referer header or if the referer header is from your domain. If
> you also allow it without the "www" you need a separate line for that,
> although I usually take the approach of redirecting one to the other
> so that my site only has one canonical URL.
>
> The final RewriteCond line is an example of how to allow one specific
> image to be linked from offsite.
>
> The final line is the rule itself: any URLs ending in .jpg, .gif or
> .png are Forbidden.
>
> Technically, you should also add a "Vary" header to the response to
> tell any intermediate caches that the Referer header affects the
> response, but I know of no easy way to make Apache add headers with
> the standard modules.
>
> For the above to work, you must have mod_rewrite loaded. It's compiled
> into the distribution from Apache.org, so unless you compiled it
> yourself you should have it.
>
> Good luck,
> -Claire

On Fri, 9 Jul 2004 13:13:18 -0400, "Sir_Civik" <sir@sircivik.ca>
wrote:
>"Claire Tucker" <fake@invalid.invalid> wrote in message
>news:oodte09nr7eh4ptitang8f9codbtbktcfe@4ax.com.. .
>> On Thu, 8 Jul 2004 23:50:54 -0400, "Sir_Civik" <sir@sircivik.ca>
>> wrote:
>>
>> >I have a small php script i want to run each time somthing is accessed on
>my
>> >server, pictures, movies, html... everything
>> >
>> >sorta like a header on every single file, is that possible?
>> >
>> >
>> >its a bandwidth script, to stop people from linking files from outside my
>> >site....
>> >
>>
>> You can do this much more efficiently with mod_rewrite, assuming
>> you're using Apache. Here's an example of how to "block" requests for
>> disk-based images based on the HTTP referer (sic) header:
>>
[snip example and explanation]
>
>i know where to enable the module, but where do i put thoes lines?

In a global part of your httpd.conf should be fine.

>basiclly i just one 1 directory that's going to have pictures in it to not
>be leeched, i'm going to have these on my site, and a few of them imbedded
>in a forum, but that's where they'll be stolen from, i don't care if people
>save them, i just don't want to host it as it goes from forum to forum... i
>just want them to be allowd on the one

If you only want to affect a specific path, you will have to adjust
those rules a bit:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www\.domain\.com/.*$ [NC]
RewriteCond %{REQUEST_URI} ^/filtered_path/
RewriteRule .*\.(jpg|gif|png)$ - [F]

Notice that I've changed the last RewriteCond line so that the rule
will only take effect for URLs which start with /filtered_path/.
Adjust this path to suit your needs.

>I already have a custom 403 document, will doing this show them that or can
>i set it to show one specific to leeching that i made?
>

Apache should serve up your current 403 document. If you want to
change this, having an extra ErrorDocument directive in a context only
used by the filtered_path will work. However, even if you make your
403 document an image browsers will not display it as the 403 response
signals an error regardless of the content-type.

Best of luck,
-Claire

thank you so much, i got it working perfectly!

1 final thing you said caught my eye

>I usually take the approach of redirecting one to the other
>so that my site only has one canonical URL.

does that mean if people connect with or without the www, it'll add it in
automaticly?

if so how do i set that up?

On Fri, 9 Jul 2004 17:44:12 -0400, "Sir_Civik" <helpme@sircivik.ca>
wrote:
>
>>I usually take the approach of redirecting one to the other
>>so that my site only has one canonical URL.
>
>does that mean if people connect with or without the www, it'll add it in
>automaticly?
>
>if so how do i set that up?
>

On my sites I usually just do it with name-based virtualhosts, having
one default virtualhost with the redirect and another which specifies
the full hostname. However, probably achieve similar results with
mod_rewrite again to make things easier.

Something like this should do the trick:

RewriteCond %{HTTP_HOST} !^www.site.com$
RewriteCond %{HTTP_HOST} !^$
RewriteRule /(.*) http://www.site.com/$1 [R]

Here the RewriteCond causes this rule to only be active if the
hostname specified isn't the correct hostname. Assuming that condition
succeeds (the hostname is wrong) it redirects to the correct URI. The
[R] flag causes an external redirect, so the browser will recieve a
redirect response and should correct the URI displayed and re-request
the on correct URI.

The second RewriteCond line is there to handle any old clients which
don't send a Host: header. In the absense of this, they will just get
redirected over and over and never get a result.

I've not tested the above rules, but they should work with perhaps
some minor alterations. Hopefully by now you know roughly how these
things work so you can adapt the above example.

Take care,
-Claire