1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hotlink protection feature interfering with .htaccess

Discussion in 'General Discussion' started by skulluminati, Jul 29, 2011.

  1. skulluminati

    skulluminati New Member

    Joined:
    Jul 29, 2011
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    I would like to use hotlink protection for a website I administer but allow facebook to pull images for link thumbnails. I've tried enabling hotlink protection and using different variations of the facebook url, maybe I'm not using the right one but it doesn't work for me.

    What I want to do is disable hotlink protection in cPanel and use the following in .htaccess

    Code:
    RewriteCond %{HTTP_REFERER} !^http://mysite.com/.*$      [NC]
    RewriteCond %{HTTP_REFERER} !^http://mysite.com$      [NC]
    RewriteCond %{HTTP_REFERER} !^http://www.mysite.com/.*$      [NC]
    RewriteCond %{HTTP_REFERER} !^http://www.mysite.com$      [NC]
    RewriteCond %{HTTP_REFERER} !^https?://(www\.)?facebook\.com [NC]
    
    However cPanel almost immediately re-enables hotlink protection automatically trying to use my settings from .htaccess and the rewrite condition to allow facebook doesn't work.

    Is there a way to block cPanel from handling hotlink protection so I can do this with .htaccess or a way I can properly add facebook to the list of allowed sites in cPanel?
     
  2. cPanelTristan

    cPanelTristan Active Member
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,621
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    Rather than enabling hotlink protection in cPanel, simply disable it and revise .htaccess manually. I'm uncertain why cPanel would revise your .htaccess directly unless you have hotlinking enabled, and if you don't enable it, you should be able to add whatever entries you would like in .htaccess
     
  3. skulluminati

    skulluminati New Member

    Joined:
    Jul 29, 2011
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    When I disable hotlink protection in cPanel and add the previously mentioned code snippet to .htaccess I go back to cPanel and find that hotlink protection is automatically re-enabled with the urls which I have added to .htaccess. the rewrite condition for facebook is included in the allow list as https?://(www\.)?facebook\.com and doesn't work. Disabling hotlink protection in cPanel and manually editing .htaccess is exactly what I've been trying to do. But manually editing .htaccess with these changes seems to automatically re-enable hotlink protection in .htaccess. No matter what I do cPanel seems to take over hotlink protection for me and it isn't working properly. What I need is a way to block cPanel from hijacking this functionality or I need the correct url to add to cPanel's allow list to allow facebook to pull thumbnails. I've tried Welcome to Facebook - Log In, Sign Up or Learn More, https://facebook.com, Welcome to Facebook - Log In, Sign Up or Learn More and https://www.facebook.com none of which allow facebook to pull the thumbnail images.
     
  4. skulluminati

    skulluminati New Member

    Joined:
    Jul 29, 2011
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Okay I found the problem in .htaccess, what I needed was

    RewriteCond %{HTTP_REFERER} .

    To allow facebook since it doesn't have a referer. Problem solved.
     
  5. Ed_alex

    Ed_alex New Member

    Joined:
    Oct 23, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Unfortunately, enable and disable does not work. The broken cPanel HotLink Protection Tool is always on and you cannot turn it off since disable is also broken. Thank you.

    Please see these threads
    WordPress › Support » Broken cPanel HotLink Protection Tool - 404 errors, unable to edit files

    WordPress › Support » bulletproof-security.0.47.5 not working
     
  6. cPanelTristan

    cPanelTristan Active Member
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,621
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    If you believe there is a bug, then please submit a bug report => http://go.cpanel.net/bugs

    That is the accepted method for bug submission.

    Thanks!
     

Share This Page