0

I have thousands of pdf files on my website and I noticed that heaps of other websites have started stealing my pdfs by adding a direct link to these pdf files on their site. (sucks!). I have been desperately trying to prevent hotlinking to pdfs through my htaccess but it doesnt work. This is what I have in my htaccess:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://www.mysite.com$      [NC]
RewriteRule .*\.(pdf)$ http://www.mysite.com/index.php [R,NC]

I've also been searching the net for a long time and couldnt find a solution that works for pdfs. Most of them are for images, flash, etc and they also mention that it should work for pdfs too but it doesnt for me. I also read some suggestions to move the pdfs outside webroot. I dont want to do that neither. Its way too much work when I already have 1000s of pdfs on my site. Can someone please help me on how I can acheive this through htaccess. If it wont work using htaccess for pdfs, then how I can do it so people cant access my pdfs using a direct link or link referred from other sites?

Please keep in mind that I am still a newbie and new to all this. I am on CentOS using Apache and Nginx as reverse proxy. please help...

Neel
  • 9,352
  • 23
  • 87
  • 128

1 Answers1

0

If you're using Apache and nginx, I assume you're using the typical sort of reverse-proxy set up, with nginx serving up static content and Apache processing PHP--or something similar. The problem is, if you're serving up static content with nginx, that would probably include PDFs, so the apache rewrite rule is never hit--nginx serves up the PDF without bothering Apache.

You'll need to modify your nginx.conf file, or whatever file you have your server declaration in, I believe. I haven't tested this myself, but there's an example here. You'll have to make sure that the referer and rewrite modules are enabled to make this work, and obviously change .png or .mp4 to .pdf.

rzyns
  • 161
  • 1
  • 5