A lot of 302 errors in report

Discussion in 'Apache' started by DakiN80, Oct 5, 2007.

  1. #1
    Ok people I have a huuugeeeee problem :)

    I have a lot of 302 Moved temporarily (redirect) errors in my logs, when I say a lot I think at least 1000 hits a day...

    What I think is causing the problem is this: my htaccess file.
    It looks something like this:

    php_value session.use_only_cookies 1
    php_value session.use_trans_sid 0
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^http://my domain .com.*$ [NC]
    RewriteCond %{HTTP_REFERER} !^http://www. my domain .com.*$ [NC]
    RewriteRule .*\.(gif|jpg|jpeg|bmp|css)$ http://www.my domain .com/message.php [R,NC]
    RewriteRule ^Something\/(.*)\/(.*)\/(.*)\/(.*)$ index.php?category=Something&group=$1&second=$2&third=$3&forth=$4
    RewriteRule ^Something\/(.*)\/(.*)\/(.*)$ index.php?category=Something&group=$1&second=$2&third=$3
    RewriteRule ^Something\/(.*)\/(.*)$ index.php?category=Something&group=$1&second=$2
    RewriteRule ^Something\/(.*)$ index.php?category=Something&group=$1
    ErrorDocument 404 /message.php
    ErrorDocument 403 /message.php

    IndexIgnore *

    ---

    Can this be the reason for the errors? What do you suggest I do?
    I tried to search online, I know what 302 is, but I can't figure out what the problem is.

    DakiN80, Oct 5, 2007
  2. powerspike

    #2
    Looking at your rewrite rules, nothing stands out (as a direct cause). If the htaccess was doing it, one of the lines would have something like [R=302] on the end of it.

    (Below I am talking about your rewrite rules, not the settings above them.)
    In saying that, the first 3 lines MIGHT be causing it. The first 2 (RewriteCond) are saying if something links to your images (3rd line) that isn't from your domain name, it's redirecting to message.php - that might be triggering it.
    Which would mean logically that someone is trying to hotlink your images.

    You could remove the first 3 rules, but that would enable hotlinking (which means people are basically linking to your images from their site, stealing your bandwidth).
    If you wanted to be nasty, you could rename the files they are hotlinking to (on your site) and put little nasty pictures in the old file names, that'd make them look very nice indeed :p

    powerspike, Oct 5, 2007
  3. Ladadadada

    #3
    The way I read your current rules (and I read RewriteRules for a living...) is that the first three lines:

    are designed to prevent hotlinking and they do it by sending an HTTP 302 response containing the full URL of your site instead of an HTTP 200 response with the image they thought they would get. Most clients will then follow the 302 redirect and will then try to insert your message.php into the image tag on the offending website, which will result in a broken image on the hotlinking site.

    If you check your logs, you will see that for every request for an image or css file with a referrer that isn't your site that has an HTTP 302 response code, you will see a request for /message.php from the same IP address seconds later.

    The letter in brackets after the RewriteRule [R] specifies a redirect and by default, that means a 302. You can write [R=302] if you want to be specific and you can write [R=301] if you want a permanent redirect.

    Something else to be careful of is that some privacy programs block the referrer from being sent, alter the referrer to XXXX://XXXXXXXX (etc.) or don't send one at all. There will also not be a referrer if someone bookmarks an image on your site or types the URL in manually. If you add another RewriteCond just below the first two, you can account for these visitors as well.

    RewriteCond %{HTTP_REFERER} !^$ [NC]

    Lastly, 1000 hits a day might seem like a lot to you, but if someone is trying to use one of your images as his avatar on a popular forum...

    Ladadadada, Oct 5, 2007
  4. DakiN80

    #4
    Thanks for your replies.
    Now it is about 300 hits an hour :) and growing.
    I switched to a 301 redirect in my htaccess, and I also added one image that will show every time someone tries to hotlink, of course my ad :)

    And you were right, there were a few IPs, a few seconds apart, that tried to get images. In fact there were more than 10 unique IPs that combined have more than 90% of the 302 response statuses.
    I will probably block these ones.

    Thanks for your help.

    DakiN80, Oct 7, 2007
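
The log check Ladadadada describes in #3 and the per-IP tally DakiN80 reports in #4, written out as an added example that is not part of the thread. It assumes Apache's combined log format; `example.com` stands in for the site's domain, and the 10-second correlation window and the sample lines are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Apache "combined" format: ip ident user [time] "request" status bytes "referer" "agent"
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(?:\S+) (\S+)[^"]*" (\d{3}) \S+ "([^"]*)"')
ASSET = re.compile(r'\.(gif|jpg|jpeg|bmp|css)$', re.I)  # same extensions as the thread's rule
OWN_HOSTS = {"example.com", "www.example.com"}  # assumption: placeholder for the site's domain

def parse(line):
    m = LINE.match(line)
    if not m:
        return None  # skip lines that are not in combined format
    ip, ts, path, status, referer = m.groups()
    when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
    return ip, when, path.split("?")[0], int(status), referer

def hotlink_report(lines, window=timedelta(seconds=10)):
    """Tally 302s on assets requested with a foreign (or missing) referer, per client IP
    and per referring host, and count how many were followed by a /message.php request
    from the same IP within `window`."""
    per_ip, per_site, followed = Counter(), Counter(), 0
    pending = {}  # ip -> time of its most recent unmatched 302
    for ip, when, path, status, referer in filter(None, map(parse, lines)):
        host = urlparse(referer).hostname if referer not in ("", "-") else None
        if status == 302 and ASSET.search(path) and host not in OWN_HOSTS:
            per_ip[ip] += 1
            per_site[host or "(no referer)"] += 1
            pending[ip] = when
        elif path == "/message.php" and ip in pending:
            if when - pending.pop(ip) <= window:
                followed += 1
    return per_ip, per_site, followed

SAMPLE = [  # constructed log lines, not taken from the thread
    '203.0.113.7 - - [05/Oct/2007:10:00:01 +0000] "GET /img/logo.jpg HTTP/1.1" 302 230 "http://forum.example.net/t/1" "Mozilla/5.0"',
    '203.0.113.7 - - [05/Oct/2007:10:00:02 +0000] "GET /message.php HTTP/1.1" 200 512 "http://forum.example.net/t/1" "Mozilla/5.0"',
    '198.51.100.4 - - [05/Oct/2007:10:00:05 +0000] "GET /img/logo.jpg HTTP/1.1" 200 9000 "http://www.example.com/" "Mozilla/5.0"',
    '203.0.113.9 - - [05/Oct/2007:10:00:09 +0000] "GET /style.css HTTP/1.1" 302 230 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [05/Oct/2007:10:01:00 +0000] "GET /img/a.gif HTTP/1.1" 302 230 "http://forum.example.net/t/2" "Mozilla/5.0"',
]

if __name__ == "__main__":
    ips, sites, followed = hotlink_report(SAMPLE)
    print(ips.most_common(10), sites.most_common(10), followed)
```

The per-site tally separates real hotlinking from the no-referer visitors that the extra `RewriteCond %{HTTP_REFERER} !^$` condition in #3 is meant to let through.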