Home >Backend Development >PHP Tutorial >php image file download file anti-hotlink setting method_PHP tutorial

php image file download file anti-hotlink setting method_PHP tutorial

WBOYOriginal: 2016-07-13 17:10:58878browse

The simplest way to prevent hotlinking in PHP is to use PHP's $_SERVER['HTTP_REFERER'] function to operate. However, this method is unreliable. We will eventually need to use apache and iis to operate. Below I Shared introduction, friends in need can refer to it.

php anti hotlink

The code is as follows

代码如下	复制代码
session_start(); session_register(‘check’); $_SESSION[‘check’]=true; ?>

Copy code

代码如下

复制代码

session_start();
$refs = parse_url($_SERVER['HTTP_REFERER']); //分解参考网页资讯
//检查首页session及来源主机是否相同
if(!($_SESSION['check']) || $refs['host'] != $_SERVER['HTTP_HOST'])
exit;

session_start();

session_register(‘check’);

$_SESSION[‘check’]=true;

Check the session variable to determine whether to visit the homepage. And check whether his source web page reference (HTTP_REFERER) comes from a web page on the local website.

Here’s how:

The code is as follows

代码如下	复制代码
SetEnvIfNoCase Referer "^" local_ref=1 Order Allow,Deny Allow from env=local_ref

Copy code

代码如下	复制代码
RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www.)?hzhuti.com /.*$ [NC] RewriteRule .(gif\|jpg)$ abc.gif [R,L] DocumentRoot "/usr/local/apache/htdocs" #设置存放站点html文件的目录。 Options FollowSymLinks AllowOverride None

session_start();

$refs = parse_url($_SERVER['HTTP_REFERER']); //Decompose reference web page information //Check whether the homepage session and source host are the same if(!($_SESSION['check']) || $refs['host'] != $_SERVER['HTTP_HOST'])

exit;

代码如下	复制代码
[ISAPI_Rewrite] # 3600 = 1 hour CacheClockRate 3600 RepeatLimit 32 # Protect httpd.ini and httpd.parse.errors files # from accessing through HTTP RewriteCond Host: (.+) RewriteCond Referer: (?!http://1.). RewriteRule .*.(?:gif\|jpg\|png\|bmp) /force.gif [I,O]

Note: This can only be used to prevent hotlinking. If you know a little bit, you can crack it. Use the server to set up PHP anti-theft connection apache anti-hotlink Modify httpd.conf

The code is as follows

Copy code

SetEnvIfNoCase Referer "^" local_ref=1 Order Allow,Deny Allow from env=local_ref If you want to display a "hot linking prohibited" picture, we can use mod_rewrite to achieve this. First, when installing apache, add the --enable-rewrite parameter to load the mod_rewrite module. Assuming that the "No Hotlinking" image is abc.gif, we can configure it in httpd.conf like this:

The code is as follows

Copy code

RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www.)?hzhuti.com /.*$ [NC] RewriteRule .(gif|jpg)$ abc.gif [R,L] DocumentRoot "/usr/local/apache/htdocs" #Set the directory where the site's html files are stored. Options FollowSymLinks AllowOverride None iis anti-hotlink Select c:RewriteRewrite.dll to execute the file httpd.ini is the configuration file Image hotlink protection code

The code is as follows

Copy code

[ISAPI_Rewrite] # 3600 = 1 hour CacheClockRate 3600 RepeatLimit 32 # Protect httpd.ini and httpd.parse.errors files # from accessing through HTTP RewriteCond Host: (.+) RewriteCond Referer: (?!http://1.*).* RewriteRule .*.(?:gif|jpg|png|bmp) /force.gif [I,O]

Statement：

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Previous article：PHPCMS 2008 latest vulnerability demo test detailed explanation_PHP tutorialNext article：PHPCMS 2008 latest vulnerability demo test detailed explanation_PHP tutorial

See more

php image file download file anti-hotlink setting method_PHP tutorial

Related articles