Built in referer check of apache httpd

Recently I found that it is possible to do a referer check within the Apache Webserver, so you don’t need any PHP-voodoo… :-D

All you need is the next few lines in your httpd.conf file:


SetEnvIfNoCase Referer "^http://www.example.com/" ownsite


<Directory "/usr/sites/www.example.com/pics">
Order deny,allow
Allow from env=ownsite
Deny from all
</Directory>


So other sites will receive a 403 forbidden message from you webserver if they try to link to a file in your pics map :-D