Caddy: hot link protection ?

Created on 7 Dec 2015  路  12Comments  路  Source: caddyserver/caddy

Does Caddy support hotlink image protection ? What about with replacing the hotlinked image with custom image ?

cheers

George

feature request
Source
picture centminmod

All 12 comments

Hm, this basically means doing a URL rewrite based on the Referer header, right?

This isn't currently possible, but I have some ideas for rewrite middleware (or maybe another) to make this possible.

mholt picture mholt on 7 Dec 2015

yeah basically a rewrite based on referrer header and/or checking against valid referrers that are allowed http://nginxlibrary.com/hotlink-protection/

Would be nice to have :)

Not sure how involved it can be. For example with Nginx and Nginx lua, you can do some Lua checks for referrer and useragent and map them to variable so if a specific referrer or useragent is detected, you can allow or disallow hotlinking of the url.

centminmod picture centminmod on 7 Dec 2015

This would be a really simple plugin to get your feet wet extending caddy. See https://github.com/abiosoft/hello-caddy for a nice getting-started guide.

captncraig picture captncraig on 9 Dec 2015

I agree -- let's open this to someone who would like to write their first Caddy add-on. It should be as simple as checking the Referer header and responding with a different status code, rather than passing the request on through the middleware chain.

mholt picture mholt on 18 Jan 2016

Actually, I may be getting ahead of myself. Recent upgrades to the rewrite middleware make this possible, at least for simple protections:

rewrite {
    if {>Referer} not mysite.com
    status 403
}
mholt picture mholt on 18 Jan 2016
👍1

@mholt I can work on this if you still think it needs an add-on.

humboldtux picture humboldtux on 27 Jan 2016

Does the rewrite middleware suffice? The upgrades to it in 0.8.1 are pretty baller, and should capable of hotlink protection.

mholt picture mholt on 27 Jan 2016

Well I haven't heard anyone complaining about the rewrite middleware not being sufficient, so I assume it is :smile: Closing in favor of that.

mholt picture mholt on 23 Feb 2016

2016/12/26 21:22:09 Caddyfile:22 - Parse error: Wrong argument count or unexpected line ending after 'status'
via https://github.com/mholt/caddy/issues/402#issuecomment-172418928

pbuzdin picture pbuzdin on 26 Dec 2016

@pbuzdin You now have to use the status directive.

mholt picture mholt on 28 Dec 2016

i got the same error with pbuzdin

http://test.local {
    rewrite {
        if {>Referer} not test.local
        status 403
    }
}

2017/01/29 22:23:48 /etc/caddy/caddy.conf:60 - Parse error: Wrong argument count or unexpected line ending after 'status'

How can I use 'status' directive?

aydos picture aydos on 29 Jan 2017
👍1

@pbuzdin i think this will work:

http://test.local {
    root   /var/www/test/
    rewrite {
        if {>Referer} not ""
        if {>Referer} not "http://test.local/"
        to /hotlink 
    }
    status 403 /hotlink
}
aydos picture aydos on 13 Feb 2017
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

la0wei picture la0wei  路  3Comments
xfzka picture xfzka  路  3Comments
treviser picture treviser  路  3Comments
billop picture billop  路  3Comments
mikolysz picture mikolysz  路  3Comments