0

I want to give 403 error to specific extension if someone try to access it directly or try to include my file in third-party website/ cross website.

Example :

let say, example.com is my website and it have a image file happy.png so i want if someone visit example.com/happy.png it should display 403 error and also it should not be used in any other domain like <img src="http://example.com/happy.png" /> except my domain example.com. Only my domain should use my assets.

i want to deny txt, png, jpg, jpeg, ico, css, js etc

.htaccess code :

<FilesMatch ".txt", "png", "css", "js">
    Order Allow,Deny
    Deny from All
</FilesMatch>

OR

<FilesMatch ".(htaccess|htpasswd|ini|psd|log|sh)$">
Order Allow,Deny
Deny from all
</FilesMatch>

What wrong with my code? why it not working as i want?

Stellan Coder
  • 323
  • 1
  • 11
  • @ChrisHaas No, i want to protect multiple extension just not only images and also i want to do this with .htaccess – Stellan Coder Dec 28 '21 at 20:02
  • Did you read all of the answers on that page, including the one with an htaccess sample that blocks for missing referrers and supports multiple extensions? – Chris Haas Dec 28 '21 at 20:04

1 Answers1

-1

Use this

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://www\.example\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www\.example\.com$ [NC]
RewriteRule .*\.(txt|ico|jpg|jpeg|gif|png|bmp|js|css)$ - [F,NC,L]

OR

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com [NC]
RewriteRule \.(gif|jpeg|js|css)$ - [F,NC,L]
Rajeev Ranjan Sharma
  • 217
  • 5
  • 15