Protecting Magento Images - magento

It is good that magneto offers watermarking of images so a watermarked image will appear as
http://www.yourwebsite.com/media/catalog/product/cache/1/image/de684549e4151748e56ee0dd7902c19f/m/y/my-first-image.jpg
This is good. But if anyone removes the cache/1/image/de684549e4151748e56ee0dd7902c19f part of URL so that it becomes
http://www.yourwebsite.com/media/catalog/product/m/y/my-first-image.jpg
He can view the image and copy it. What is best way to cope up with this problem?

This is how I managed to do it.
Put an .htaccess file in media/catalog/ folder in Magento with following code in it
Options +FollowSymLinks
RewriteEngine on
#Following line allows the actual images to be accessed by admin end directly
RewriteCond %{HTTP_REFERER} !^http://www.yourwebsite.com/.*$ [NC]
#Following line allows the watermarked images to be accessed directly. Rule says that if URL does not contain cache
RewriteCond %{REQUEST_URI} !(/cache/) [NC]
#This is the page where visitor will be redirected if tries to access images directly.
RewriteRule \.(gif|jpg)$ http://www.yourwebsite.com/do-not-try-to-steal-images.html/ [R,L]

Well, create yourself your images with the watermark !!! Like that if the cache is deleted, the cache will recreate an image from the already watermarked image

You can create an .htaccess file in the media/catalog folder with the following lines in it:
Options +FollowSymLinks
RewriteEngine on
RewriteRule ^(.*?/cache.*)$ $1 [L]
RewriteRule ^(.*)$ $1 [F]
This will return a 403 to the user if they try to view the original file but let them see the images that are in the cache.
This breaks previewing the images in the admin as they display the original files and not a generated thumbnail.

Related

rewrite url only and stay on the same page

I have read a lot on stack about rewriterule and how it applies and I've tried reading up on some good articles online but I still cannot wrap my head around a few things.
I have blogs setup where all folders are in
https://domain.ca/posts/post-tree/*
So I've setup htaccess like this
RewriteRule ^posts/post-tree/(.*)$ /index.php?$1 [R=301]
As I'm sure you can guess this basically brings me root index.php where I catch this request with a $_GET to know the name of the blog folder it was requesting.
This is fine I can hit index.php and with $_GET I know the blog page they requested.
What I do not get, and I've tried a lot of things, is once I have this request in index.php how do I re-write the URL to show something like https://domain.ca/blogpage/ instead of looking like https://domain.ca/index.php? where https://domain.ca/blogpage/ does not really exist of course, but it is because I want to hide the http://domain.ca/posts/post-tree/ path.
Its a little like when wordpress processes a blog page with the id and after rewrites the url to whatever slug is set for that blog page. at least my understanding of it as they don't have individual folders for blogs, but I do.
I finally got this working with the following in the htaccess file
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
# the above checks if file or folder exists, if not the below is processed
# this will route to base index file and fetch $1 folder via $_GET
RewriteRule . /posts/post-tree/index.php?$1

I want to block assets folder path in Codeigniter

Am new in Codeigniter i want to block assets folder in my website. I mean website users(website viewer) enter http://www.example.com/assets it move to 404 page.
Please help me...!
Thanks in advance
If your assets folder is there to serve things like CSS, JavaScript and image files (like would be intended), and is an actual directory, then you can either do this by adding a .htaccess file to the directory (assuming it's running under Apache) which will take all requests which are not for explicit file paths and route them to the website controller/action for a 404 (or other page you use for this).
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ http://yourdomain.com/path/to/404 [QSA,L]
</IfModule>
Alternatively, you can add an index.php file which redirects the browser to the location for a 404 page, or displays a 404 type page as a response.
header("Location: http://yourdomain.com/path/to/404");

Redirect images to a page with .htaccess

I would like to know if it possible to set up a redirect in the htaccess file so that if an other website directly links to an image on my site, instead of the image opening in a browser window on its own, the page that the image is hosted on is displayed.
This page has the same name as the image i.e. if the image the other site is linking to is
www.mysite.com/imagename.jpg
then I want it to redirect to a page called
www.mysite.com/imagename/
Try this code :
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^www\.mysite\.com$
RewriteRule ^wp-content/main/[0-9]{4}_[0-9]{2}/([\.]+)\.(jpe?g|gif|png)$ /$1/ [R=301]
This might work.
RewriteRule ^(.*)\.(jpg|gif|png)$ /$1/ [R]
RewriteRule ^wp-content/main/.+/(.*)\.(jpg|gif|png)$ /$1/ [R]

mod_rewrite espression for multi client application

I have a php application that serves multiple customers. Code is placed in the domain's root and is shared for all customers. Each customer can access it's page by using query string parameter "id".
I need advice and a sample code how to achieve this routing via mod_rewrite or it' better way to do it through php routing script:
Home page:
www.example.com/customerA --> www.example.com/customerA/main?id=1
www.example.com/customerB --> www.example.com/customerB/main?id=4
Note: "main" is main.php file not displaying file extensions.
Customer subfolders are not the real ones.
Inner pages are using additional parameters like:
www.example.com/customerA/page1?id=1&par1=5
On SERVER SIDE all rewrites should be interpreted as www.example.com/main?id=4
without virtual subfolder.
Thanks.
Here's what should work:
RewriteRule ^/customerA /customerA/main?id=1 [QSA,NC,R=301,L]
RewriteRule ^/customerB /customerB/main?id=4 [QSA,NC,R=301,L]
RewriteRule ^/(customer(A|B))/main /main [QSA,NC]
Now that's I've answered precisely to your question, I'm pretty sure it's not what you want.
If you have a lot of customers, I've made a huge answer here of a question that was about films, but you it's about customers, but the principle is exactly the same.
If you want to be more generic:
# if URL is not a real file...
RewriteCond %{SCRIPT_FILENAME} !-f
# if URL is not a real folder...
RewriteCond %{SCRIPT_FILENAME} !-d
# ...and if adding "php" points to a real file...
RewriteCond %{SCRIPT_FILENAME}.php -f
# ...then rewrite internally with "php" extension:
RewriteRule (.*) $1.php [QSA,NC]
Hope this helps.

CDN Related : Rewrite Image URLs automatically from .htaccess

Recently I bought a CDN and set it up. In my site, the images are stored in a folder named 'images' and the Image urls are obviously linked in this manner. (*Ex : images/some_image.png*)
Since I want to use the CDN right way, I need to rewrite the urls without having to manually change each and every image path.
I tried an .htaccess code which was suggested for a similar problem
RewriteEngine On
RewriteBase /
RewriteRule ^images/(.*)$ http://cdn.mydomain.com/$1 [L,R=301]
But that didn't seem to work properly as all the images were linked improperly.
So I would like to know the changes in this code. Any response would be appreciated.
This should work:
RewriteCond %{HTTP_HOST} ^yourdomain\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.yourdomain\.com$
RewriteRule ^images\/?(.*)$ "http\:\/\/cdn\.yourdomain\.com\/$1" [R=301,L]
However, please note that this is just a temporary solution!In order to get the max out of your CDN, you need manually point images to your CDN in order to save one HTTP for every image.

Resources