Keep People from Jacking your Images

Posted by Nessa | Posted in Uncategorized | Posted on 19-03-2007

0

I get this question a lot, so I figured I’d post it here. For those of you who don’t have the convenience of a cPanel-based system, you can block image hotlinking in your .htaccess. Image hotlinking is basically when someone uses an image from your website on their site, but has your site in the <img src..> tags (instead of their own site) so the image loads remotely, and therefore sucks up your bandwidth and resources.

Load up the .htaccess file in your website root (public_html or www folder, usually) and add these lines anywhere in the file:


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://v-nessa.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://v-nessa.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://v-nessa.net/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://v-nessa.net$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.v-nessa.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.v-nessa.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.v-nessa.net/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.v-nessa.net$ [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ http://v-nessa.net [R,NC]

I’m using my two sites, v-nessa.net and it’s parked domain, v-nessa.com. These are sites that I want to allow to display my images. Please note that with Apache, w’s and https matter. So if you have hotlink protection set for yourwebsite.com and someone accesses your site via https://yourwebsite.com or www. yourwebsite.com, they will not be able to see the images unless your allow them as a referrer. Same goes with your subdomains.

My Puppy’s Cuter than Yours

Posted by Nessa | Posted in Uncategorized | Posted on 18-03-2007

1

Capone For anyone who hasn’t met the newest addition to the VasilĂ© family, I’d like to introduce you to Capone. He’s a purebred pitbull currently at 12 weeks, 25 lbs. His vet estimated that based on his genes he’s probably going to reach about 80-90 lbs by the time he’s a year old. Yes, that means that my puppy is going to be beast, and he’s probably going to make your puppy his bitch. I’m already working on digging a hole in my backyard to dispose of all the contingent body parts he’s probably going to bring home.

Click on the pic for the full image. You can see more pictures of my sexy-ass puppy in my Gallery.

Preventing DOS Attacks with mod_evasive

Posted by Nessa | Posted in Uncategorized | Posted on 18-03-2007

2

I recently had to deal with a guy whos VPS was constantly being hit by the same IPs over and over until the server crapped out and refused to do anything…it was royally a pain in the ass because I literally had about 10 seconds between starting up the server and having it crash again. Needless to say that those 10 seconds were spent stopping Apache to give me enough time to do a netstat -n and block the assholes who were flooding the server. I then decided to installed mod_evasive, which is a simple Apache module that monitors the amount of connections from one IP and blocks any that reach a set limit. Here’s how you do it via SSH:


wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
tar -xvzf mod_evasive_1.10.1.tar.gz
cd mod_evasive_1.10.1
/usr/local/apache/bin/apxs -cia mod_evasive.c

Once the module is compiled, restart Apache and add this to your httpd.conf:


<IfModule mod_evasive.c>
DOSHashTableSize 3097
DOSPageCount 6
DOSSiteCount 50
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600
</IfModule>

DOSHashTableSize – Size of the hash table. The greater this setting, the more memory is required – faster

DOSPageCount – Max number of requests for the same page within the ‘DOSPageInterval’ interval

DOSSiteCount – Max number of requests for a given site, uses the ‘DOSSiteInterval’ interval.

DOSPageInterval - Interval for the ‘DOSPageCount’ threshold in second intervals.

DOSSiteInterval- Interval for the ‘DOSSiteCount’ threshold in second intervals.

DOSBlockingPeriod – Blocking period in seconds if any of the thresholds are met. The user will recieve a 403 (Forbidden) when blocked, and the timer will be reset each time the site gets hit when the user is still blocked.

A good supplementary script to mod_evasive is ddos, which will send you an email whenever an IP is blocked for too many connections. It also works as a backup in case Apache gets too hammered with connections. All you have to do is:


wget http://www.inetbase.com/scripts/ddos/install.sh
perl install.sh

Now you just edit /usr/local/ddos/ddos.conf .