Results 1 to 7 of 7
  1. #1
    Join Date
    Apr 2007
    Posts
    40
    Plugin Contributions
    0

    Default .htaccess Blocking Images

    Some code was added to my .htaccess file under public_html, and I have no clue how it got there. Possibly when I was changing permission numbers for some folders. Just realized there was a problem for others accessing images on my site when I was using practiceboard and all my images had red x's. Everything was fine on my computer, so I didn't realize there was a problem.
    My site host had me change the .htaccess folder name because she saw some suspect code. Once I did this, the images were fine. To my knowledge, all I have done intentionally to alter this file, is add some IP address to my deny list in Cpanel.
    Here is the code:
    [FONT=Times New Roman]# -FrontPage-[/FONT]

    [FONT=Times New Roman]IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*[/FONT]

    [FONT=Times New Roman]<Limit GET POST>[/FONT]
    [FONT=Times New Roman]#The next line modified by DenyIP[/FONT]
    [FONT=Times New Roman]order allow,deny[/FONT]
    [FONT=Times New Roman]#The next line modified by DenyIP[/FONT]
    [FONT=Times New Roman]#deny from all[/FONT]
    [FONT=Times New Roman]allow from all[/FONT]
    [FONT=Times New Roman]</Limit>[/FONT]
    [FONT=Times New Roman]<Limit PUT DELETE>[/FONT]
    [FONT=Times New Roman]order deny,allow[/FONT]
    [FONT=Times New Roman]deny from all[/FONT]
    [FONT=Times New Roman]</Limit>[/FONT]
    [FONT=Times New Roman]AuthName www.xxxxxxxxxxx.com[/FONT]
    [FONT=Times New Roman]AuthUserFile /xxxxxxxxx[/FONT]
    [FONT=Times New Roman]AuthGroupFile /xxxxxxxxxxx[/FONT]

    [FONT=Times New Roman]<Files 403.shtml>[/FONT]
    [FONT=Times New Roman]order allow,deny[/FONT]
    [FONT=Times New Roman]allow from all[/FONT]
    [FONT=Times New Roman]</Files>[/FONT]

    [FONT=Times New Roman]deny from xx.xxx.xxx.xx[/FONT]
    [FONT=Times New Roman]deny from xx.xxx.xx.xxx[/FONT]


    [FONT=Times New Roman]RewriteEngine on[/FONT]
    [FONT=Times New Roman]RewriteCond %{HTTP_REFERER} !^http://xxxxxxxxxx.com/.*$ [NC][/FONT]
    [FONT=Times New Roman]RewriteCond %{HTTP_REFERER} !^http://xxxxxxxxxx.com$ [NC][/FONT]
    [FONT=Times New Roman]RewriteCond %{HTTP_REFERER} !^http://www.xxxxxxxxxx.com/.*$ [NC][/FONT]
    [FONT=Times New Roman]RewriteCond %{HTTP_REFERER} !^http://www.xxxxxxxxxx.com$ [NC][/FONT]
    [FONT=Times New Roman]RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC][/FONT]
    [FONT=Times New Roman]deny from xxx.xxx.xx.xxx[/FONT]
    [FONT=Times New Roman]deny from xxx.xxx.xxx.xx[/FONT]

    My question is, how do I change this file so it has the correct code. Right now, renamed, it is inaccessible.
    I noticed when I went back into my site files, another .htaccess file had been added, which I thought was empty yesterday. but now today has this code:
    [FONT=Times New Roman]# $Id: .htaccess 1105 2005-04-04 22:05:35Z birdbrain $[/FONT]
    [FONT=Times New Roman]#[/FONT]
    [FONT=Times New Roman]# This is used with Apache WebServers[/FONT]
    [FONT=Times New Roman]#[/FONT]
    [FONT=Times New Roman]# For this to work, you must include the parameter 'Options' to[/FONT]
    [FONT=Times New Roman]# the AllowOverride configuration[/FONT]
    [FONT=Times New Roman]#[/FONT]
    [FONT=Times New Roman]# Example:[/FONT]
    [FONT=Times New Roman]#[/FONT]
    [FONT=Times New Roman]# <Directory "/usr/local/apache/htdocs">[/FONT]
    [FONT=Times New Roman]# AllowOverride Options[/FONT]
    [FONT=Times New Roman]# </Directory>[/FONT]
    [FONT=Times New Roman]#[/FONT]
    [FONT=Times New Roman]# 'All' with also work. (This configuration is in the[/FONT]
    [FONT=Times New Roman]# apache/conf/httpd.conf file)[/FONT]

    [FONT=Times New Roman]# The following makes adjustments to the SSL protocol for Internet[/FONT]
    [FONT=Times New Roman]# Explorer browsers[/FONT]

    [FONT=Times New Roman]<IfModule mod_setenvif.c>[/FONT]
    [FONT=Times New Roman] <IfDefine SSL>[/FONT]
    [FONT=Times New Roman] SetEnvIf User-Agent ".*MSIE.*" \[/FONT]
    [FONT=Times New Roman] nokeepalive ssl-unclean-shutdown \[/FONT]
    [FONT=Times New Roman] downgrade-1.0 force-response-1.0[/FONT]
    [FONT=Times New Roman] </IfDefine>[/FONT]
    [FONT=Times New Roman]</IfModule>[/FONT]

    [FONT=Times New Roman]# Fix certain PHP values[/FONT]

    [FONT=Times New Roman]#<IfModule mod_php4.c>[/FONT]
    [FONT=Times New Roman]# php_value session.use_trans_sid 0[/FONT]
    [FONT=Times New Roman]# php_value register_globals 1[/FONT]
    [FONT=Times New Roman]#</IfModule>[/FONT]

    [FONT=Times New Roman]# to turn off register_globals[/FONT]
    [FONT=Times New Roman]# php_value register_globals 0[/FONT]

    I had looked into the administration/.htaccess file to see the code. Then went to public_html/.htaccess to view it, and was asked if I wanted to overwrite it, I clicked skip, and when I viewed the file, it now has the same code as the admin. file.

    My question: what do I do? Is the new .htaccess file code correct, or is the one first above correct, but needs some code changes. Hope this makes sense because it's all very confusing.
    Thanks anyone.

  2. #2
    Join Date
    Apr 2007
    Posts
    40
    Plugin Contributions
    0

    Default Re: .htaccess Blocking Images

    Bumping up, hoping someone can help me with this.
    Thanks.

  3. #3
    Join Date
    Apr 2006
    Posts
    265
    Plugin Contributions
    0

    Default Re: .htaccess Blocking Images

    What you are asking for help with is very complex... I doubt you will get any helpful responses until you provide a url to see the site live and the non-edited version of your .htaccess file... otherwise it's just too difficult to diagnose.

    BrandTim

  4. #4
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: .htaccess Blocking Images

    Quote Originally Posted by chava View Post
    Just realized there was a problem for others accessing images on my site when I was using practiceboard and all my images had red x's.

    ...

    Code:
    RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]
    That line was likely added by clicking and image-protection link in your cpanel.
    Put a # in front of it, and your images will likely display properly again.

    Your cPanel will update your public_html/.htaccess file with several things depending on what you click. For example, that's how the "deny from" entries most likely got in there, etc.
    I imagine there is cpanel documentation available from your hosting company or at cpanel's main website.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  5. #5
    Join Date
    Apr 2007
    Posts
    40
    Plugin Contributions
    0

    Default Re: .htaccess Blocking Images

    The only edits I made to the file were xing out my site name and the IP addressed I banned. So, I don't think they have any bearing on the problem.

    Thanks DrByte. I added the # in front of the image code, renamed the .htaccess file back, and the images disappeared again when posting to the photobucket practiceboard. When I change the .htaccess file name again, the images are back. Does that indicate that there is some other code in that file that is affecting my images.?

  6. #6
    Join Date
    Apr 2007
    Posts
    40
    Plugin Contributions
    0

    Default Re: .htaccess Blocking Images

    Should also mention that Hotlink Protection is disabled, so I don't think that is causing the problem.

  7. #7
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: .htaccess Blocking Images

    1. Your server's errorlog should be telling you about any errors it sees in the .htaccess

    2. Selectively removing or commenting EACH line in the file should help you narrow down the cause.
    Maybe start with a blank file, and then add each line/section back one at a time to see when things break.
    Note that some "sections" must all go together, such as the IF statements and the directives that start with a <section> and end with a </section> tag etc. The individual lines inside them can be commented with a #
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

 

 

Similar Threads

  1. v138a HTACCESS Infinate Loop blocking upgrade - URGENT HELP NEEDED
    By Nigel Bywater in forum General Questions
    Replies: 8
    Last Post: 14 May 2015, 11:56 PM
  2. Replies: 1
    Last Post: 9 Jul 2012, 12:58 PM
  3. htaccess help - blocking access to robots.txt
    By spid3r1987 in forum General Questions
    Replies: 0
    Last Post: 6 Oct 2009, 09:35 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg