The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hotlinking

Discussion in 'Database Discussions' started by spainhighlander, Apr 21, 2007.

  1. spainhighlander

    Joined:
    Dec 12, 2006
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Benidorm, Spain
    Hello folks

    Having some trouble with people hotlinking images from our site. :(

    We are in SPAIN and the overwhelming number of 'thefts are from internet users in the United States, who have absolutely no intention of visiting us.

    Is there any way that users from USA can be blocked or I an restrict acess to the website to European visitors only ?

    I understand there is not any watertight method, but any restriction on access would assist.

    Any ideas ? v:confused:

    Regards from sunny Spain.
     
  2. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Absolutely! This is actually very easy to setup with GeoIP!

    Check out http://www.maxmind.com

    Here is a basic overview ...

    For the first part:
    Code:
    cd /usr/local/src
    wget http://www.maxmind.com/download/geoip/api/c/GeoIP.tar.gz
    tar zxvf ./GeoIP.tar.gz ; rm -f ./GeoIP.tar.gz
    cd GeoIP-*
    ./configure
    make
    make check
    make install
    [code]
    
    For the second part:
    [code]
    cd /usr/local/src
    wget http://www.maxmind.com/download/geoip/api/mod_geoip/mod_geoip_1.2.9.tar.gz
    tar zxvf ./mod_geoip_1.2.9.tar.gz ; rm -f ./mod_geoip_1.2.9.tar.gz
    cd mod_geoip*
    /usr/local/apache/bin/apxs -i -a -L/usr/local/lib -I/usr/local/include -lGeoIP -c mod_geoip.c
    
    (For Apache 2, replace the URL in the wget line above instructions with the following:
    http://www.maxmind.com/download/geoip/api/mod_geoip2/mod_geoip2_1.1.8.tar.gz)

    Edit your /etc/httpd/conf/httpd.conf file and add the following
    somewhere before your vhost configurations:
    Code:
    <IfModule mod_geoip.c>
       GeoIPEnable On
       GeoIPDBFile /usr/local/share/GeoIP/GeoIP.dat
    </IfModule>
    
    <Location />
       SetEnvIfNoCase GEOIP_COUNTRY_CODE (US|CA) bad_country
       Order Allow,Deny
       Allow from all
       Deny from env=bad_country
    </Location>
    
    Restart your web server:
    /usr/local/apache/bin/apachectl restart

    In the httpd.conf code example above, I have the United States (US) and
    Canada (CA) blocked from access to your server. To block and additional
    countries, just simply add the 2 letter country code in line above.

    The country database is updated monthly at the start of every month
    and you can configure it to update automatically by dropping the
    following script into /etc/cron.monthly.

    Dont forget to "chmod +x" the script:
    Code:
    #!/bin/bash
    IFS="$"
    
    # Get the aliases and functions
    if [ -f ~/.bashrc ]; then
            . ~/.bashrc
    fi
    
    PATH=$PATH:$HOME/bin
    BASH_ENV=$HOME/.bashrc
    USERNAME="root"
    
    export USERNAME BASH_ENV PATH
    
    cd /usr/local/share/GeoIP
    
    if [ -e ./GeoIP.dat ]; then
      rm -f ./GeoIP.dat
    fi
    
    #Change paths if applicable for your server
    
    /usr/bin/wget http://www.maxmind.com/download/geoip/database/GeoIP.dat.gz
    /bin/gunzip ./GeoIP.dat.gz
    
     
    #2 Spiral, Apr 21, 2007
    Last edited: Apr 21, 2007
  3. spainhighlander

    Joined:
    Dec 12, 2006
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Benidorm, Spain
    Hi Spiral

    Many thanks for your advice. It is much appreciated. :)

    Only one minor question ... which may be obvious ...of course ...

    Are the codes provided entered on to the home page HTML or elsewhere ?

    I was thinking of it being placed in the HEAD section or even within the CSS data page

    Regards from sunny Spain
     
  4. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    I am not sure to what codes you are referring!

    Are you asking about the 2 letter country codes?

    The sample blocking code goes into your /etc/httpd/conf/httpd.conf
    file or in a .htaccess file in the account where you want the blocking
     
  5. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    576
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Mbelitar
    Hi Spiral,

    So when i want to use .htaccess i just add :

    <Location />
    SetEnvIfNoCase GEOIP_COUNTRY_CODE (US|CA) bad_country
    Order Allow,Deny
    Allow from all
    Deny from env=bad_country
    </Location>

    to .htaccess file ?

    Wow, how easy this is. So my client can setup this per domain basis.

    Thanks
     
  6. spainhighlander

    Joined:
    Dec 12, 2006
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Benidorm, Spain
    Hello Spiral

    Thank you for your update. :D

    When I used the words code, I actually meant the script you had kindly provided to use ... as in all of it.



    Showing my limited knowledge here, but, although I can see my .htaccess on the ftp client (I think that this is the term used for the place I upload pages, images, etc to the website) I cannot open it for adding the script. :confused:

    Is it possible for me to add it somewhere on the CpanelX site, and if so under which heading.

    I guess that even the longest journey must start with the first step. :rolleyes:

    Regards from sunny Spain
     
  7. spainhighlander

    Joined:
    Dec 12, 2006
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Benidorm, Spain
    Hello Spiral

    Further to the above dialogue, I have gained access to my .htaccess file.

    This is the script in the file:

    # -FrontPage-

    IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*

    <Limit GET POST>
    order deny,allow
    deny from all
    allow from all
    </Limit>
    <Limit PUT DELETE>
    order deny,allow
    deny from all
    </Limit>
    AuthName www.bondagedominationspain.com
    AuthUserFile /home/bondage/public_html/_vti_pvt/service.pwd
    AuthGroupFile /home/bondage/public_html/_vti_pvt/service.grp


    There are a number of .htaccess files for the website, all of which are similar ... more or less.

    My question is .... where should I place the script you have sent ?

    Thanks again

    Regards from sunny Spain. :cool:
     

Share This Page