I have two vhosts, we'll call them: www.whatever.com and images.whatever.com.
I need to block EVERYHING from hitting images.whatever.com, unless it's referred by www.whatever.com.
All content in the images.whatever.com is .zip - there is not html, php, or other.
I wrote a rule that I thought would work, but seems to block any request :
=== currently i put this in the vhost ===
- Code: Select all
SetEnvIfNoCase Referer "^http://www\.whatever\.com/" local_ref=1
<FilesMatch "\.(zip|jpg)">
Order Allow,Deny
Allow from env=local_ref
</FilesMatch>
or
- Code: Select all
SetEnvIfNoCase Referer "^http://covers\.whatever\.com/" local_ref=1
<FilesMatch "\.(zip|jpg)">
Order Allow,Deny
Allow from env=local_ref
</FilesMatch>
Here is what the refer looks like from www.whatever.com: (doesnt seem to show its coming from www.whatever.com, when requesting to images.whatever.com:
68.204.186.114 - - [19/Feb/2005:11:12:13 -0700] "GET /notebook_00013_cstm.zip HTTP/1.1" 403 310 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
any help would be greatly appreciated!