Home Ask Login Register

Developers Planet

Your answer is one click away!

raulbaros February 2016

Prohibit direct access to images URL

I have a blog with images. I do not want that the images are directly accessible through the URL (and also not for Googlebot and other bots)... for example... mysite.com/assets/images/img1... etc. So I thought to password protect the images directory with .htaccess. That worked, only front-end all my images became links, and I had to provide my credentials to make them show. How can I make my images show yet NOT make them directly accessible when typing the corresponding URL and the images URLs (or better yet the images directory) NOT accesible for bots to crawl/index?


jotadepicas February 2016

Don't go with password protection. The right way to do it would be to filter the requests based on the referer URL. If the request originates from your own site then it's ok. Otherwise the request is trying to get an image directly.

I've found this site with detailed instructions on how to do that: http://altlab.com/htaccess_tutorial.html

Taken from the mentioned site:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://url_to_default_image.gif [L]

Note that you would have to enable mod_rewrite in your Apache server.

Btw, just asking. Why don't just let people get the image directly if they want to?

Post Status

Asked in February 2016
Viewed 3,413 times
Voted 4
Answered 1 times


Leave an answer

Quote of the day: live life