At the most basic part of how to work from home on the internet there is three main paths.

1. Find a affiliate or reseller program or find a skill like data entry and solicit your services.

2.  Find your own product and put a shopping cart on your website. Paypal works great for this.

3. Provide a valuable content for a subscription fee

There is thousands of other way but I want to focus on the top three.

1 .. First find a affiliate or reseller program or find a skill like data entry and solicit your services. This the easiest of all ways to make money on the internet. I recomend finding something that most people use every month and that you use and have a opinion on. For example mps players, you can find a website that specializes in MP3 players and check to see if they have a affiliate program.

If they do then you should start a basic website, even one page is fine. Do not get a free web page or a page from the business that sells the product. This will be much harder to market and get search engine traffic to.

On your website post something eye grabbing like their lowest price MP3 player. Now add test that has to do with this devise on the page in a attractive and professional manner.

Next you should add a blog on the website, I recomend wordpress for this and DWHS for hosting since they have word press that can be added for free easily and they only charge$3 for a basic website.

Make sure and update your blog  3 times a week even if it’s cut and pasting stuff from the website that you are sending customers to. This will eventually make money if website has a good product, make sure and have a friend or you test the website to see if the affiliate program and website itself works well.

2 .. Find your own product and put a shopping cart on your website. Paypal works great for this. This is actually easier then you think. Even if all you sale is candles or toilet paper if the site is clean, professional, and functional you will make at least some sales.

First find a distributer, in this example lets say a local candle maker. At first you will not make much from the candles  because you will not buy them in bulk but this starting process is how almost all business with no start up costs will work.

Next sign up for paypal and use there shopping cart option to add the candles to your website and  allow for people to buy them. You will also want to make friends with your local shipping office so you can eventually get a shipping discount.

Next build a blog on your website and update it once a week with stuff in regards to candles. You will also want to sale these products on Ebay and Craigslist.

3 ..  Provide a valuable content for a subscription fee. This is done in so many ways I couldn’t cover them all but some are EBooks, News, Groups, Content, ECT.. ECT..

For this you don’t need a shopping cart, just a website with some great sales stuff on it and a company like verotel to manage the members and payments

–

Other things to consider:

Get good hosting, slow or dead web pages do not get customers. We recomend www.dwhs.net for this

Link to you blog from at least your front but even better is every page.

Make sure and add images to each blog post, it makes it less boring.

Think of these words first when making a website:  clean, professional, and functional

It’s not that bad to have someone else build the website. PageAlive.com does a page for $100 flat

Be patient, search engines take about three months to list and update new sites.

–

Written by Charles Yarbrough for www.marketingspot.com
www.charlesyarbrough.com

It’s coming to a age where having a website is necessary for all business owners. But who has time to update all the new products and business changes on a daily basis? The reality is the majority of business owners update their web page every 6-12 months. Usually this consists of something they think will improve the image of the website. The part that’s commonly overlooked is that updating your website pages and text at least once a month has huge benefits far beyond any benefit of a slight image change.

By updating the web page once a month it adds credibility with customers and even more credibility with the internet process (Search engines and other websites). Search engines will always list a website that is active over stale, plain, and low text (content) websites. The differance between adding even a little more text each month is huge for how search engines will consider your website in the SE ranking system.

Of course adding jiberrish will not help much, but adding good text based stories, information, and by building more pages you WILL make a huge differance.  With that said here is the top 5 reasons to update your website atleast once a month:

1. Search Engines - They see changed and content rich web pages as a active website and will always rank this over a stale website.

2. Other Websites - The internet starves for new original information and by adding it to your website regularly you will have a much better chance to get free one way links to your website.

3. Customers - When customers see a website that is updated and has lots of perdinant information they are more likely to save the page to there favorites and come back!

4. Personal  Investment - I’m not big on tricking myself but the more you add to your website and see actual results the more fun it will be to add more content and watch your website grow.

5. Website Quality - Eventually you will notice errors or little ways to clean up and make the website more usable when your actively updating it.

The best way to stay active is to add a blog to your website, www.wordpress.com is a search engine friendly and is super easy for anyone to use. Most web hosts like www.dwhs.net  has it available for free by the push of a button. For example www.ocfocus.com You can see how the main website is the front line for the business and just adding a link on the bottom of each page to your blog you can have a easily updatability website that the search engines and your customers will love.

The other option is to have a non-static website, you can so this with blog software or any CMS (content management system)  www.drupal.com is a good option for this but might require slightly higher hosting fees to run it.

Written by Charles Yarbrough for www.marketingspot.com
www.charlesyarbrough.com

VIDEO is taking over the internet world. I can’t explain enough how important it is to get on board. We will see more directories with video more websites with optional welcome videos and most importantly if you have a help page on your website make sure to have help videos!

Videos give the customer/visitor a sense of realism and that someone is with them during the process.  Really compared to text and a image it is a much more suyppeir way of getting something acomplished.

So why hasn’t everyone jumped on the band wagon? Well besides having a full plate it’s because the technology is still alittle cloudy. Do you use WMV, Flash, Quicktime, right.. Who knows.

Well I feel strongly that flash video is the best, it seems to roll with web pages better then the others and has more interactivity them the others.

So how do you start with video on the web?

1. Buy a camera, newegg and costco are good for this
2. Buy the video editor ulead
3. Export the finished video in flash
4. Add it to your website

Also green screens are great ways to spice up the video but don’t get cheesy. This is a business video and needs to not waste time and look clean.

The was written by Charles Yarbrough 

To help troubleshoot firewalls and give the ability for users to protect themselves we now have a free full service proxy for public access.

Free Web Proxy

If you have any questions about it, please let us know.

This is particularly useful in seeing if your ip is blocked from a firewall. By accessing the blocked web page through the proxy you can see if it’s your local ip or if the website is just not working.

We found a clean free web stats service at EZ Web Stats. No catch just great free web stats with no ads.

Over the last two weeks, I’ve discussed how to prevent crackers from gaining access to your Linux computer. This week, we continue the series with ways you can tell if someone has cracked your machine.Script kiddies are the worse kinds of crackers, primarily because there are so many of them and most of them are unskilled. It is one thing to be cracked when you have put in all the correct patches, have a tested firewall, and run advanced intrusion detection actively on multiple levels. It is another when you are cracked because you were lazy and didn’t, for example, install the latest patch to BIND.

It’s embarrassing to be cracked because you weren’t paying attention. It’s aggravating to realize that some script kiddie downloaded one of many well known “root kits” or publicly available exploits, and is having a party with your CPU, storage, data, and bandwidth. How do these villains get started? The answer is usually with “warez,” which often consists of a root kit.

A root kit is a software package that a cracker uses to provide himself (and it’s usually a “he”) with root-level access on your machine. Once the cracker has root access on your machine, it is all over. The only method of recourse that is truly effective is to back up your data, wipe the disks, and reinstall the operating system. However, it is not always easy to discover that someone has taken over your machine.

Can you trust your ps command?

The first trick in finding a root kit is to run the command ps. Chances are that everything will look normal to you. Here is an example ps output:

PID TTY      STAT   TIME COMMAND
1 ?        S      0:05 init
2 ?        SW     0:00 [kflushd]
3 ?        SW     0:00 [kupdate]
4 ?        SW     0:00 [kswapd]
5 ?        SW     0:00 [keventd]
6 ?        SW     0:00 [mdrecoveryd]
2655 ?        S      0:01 syslogd -m 0
2664 ?        S      0:00 klogd
2678 ?        S      0:01 identd -e -o
2685 ?        S      0:02 identd -e -o
2686 ?        S      0:56 identd -e -o
2688 ?        S      0:55 identd -e -o
2690 ?        S      0:01 identd -e -o
2696 ?        S      0:00 /usr/sbin/atd
2710 ?        S      0:00 crond
2724 ?        S      0:00 inetd
[…]

The real question is, however, “Is everything actually normal?” A common trick that a cracker will use is to replace the ps command. The replaced version will mask illicit programs running on your machine. To test this, check the size of your ps application. It is usually located in /bin/ps. On our Linux machines it is about 60 kilobytes. I recently encountered a root kit that had replaced the ps program. The compromised ps from the root kit was only 12 kilobytes in size.

Another obvious trick is the linking of root’s command history file to /dev/null. The command history file is used to track and log commands that are issued by a user when they log into a Linux machine. Crackers will redirect your history file to /dev/null so that you can not see what commands they were typing.

You can access your history file by typing history at your shell prompt. If you find yourself using the history command, and it does not display any previously used commands, take a look at your ~/.bash_history file. If the file is empty, perform a ls -l ~/.bash_history. When you perform the previous command you should see something similar to the following:

-rw——-    1 jd   jd   13829 Oct 10 17:06 /home/jd/.bash_history

However, you may see something like this:

lrwxrwxrwx    1 jd   jd   9 Oct 10 19:40 /home/jd/.bash_history -> /dev/null

If you see the above, the .bash_history file has been redirected to /dev/null. This is a dead giveaway. Take your machine off the Internet now, back up your data (if you can), and begin a reinstallation.

Look for unknown user accounts

While you are playing detective on your Linux machine, it is always smart to check for unknown user accounts. The next time you log into your Linux box, type the following command:

grep :x:0: /etc/passwd

The only line, I repeat, the only line that the grep command should return on a standard Linux installation is something similar to the following:

root:x:0:0:root:/root:/bin/bash

If your system returns more than one line with the previous grep command, you may have a problem. There should only be one user with the UID of 0 and if that grep command returns more than one line, you have more than one.

Brought to you by DWHS Web Hosting

htaccess Tips and Tricks

After many frustrating months of learning how to protect my web site I decided to help some other webmasters out as well. There’s really only one reason we need to worry about this stuff: People like to steal. Every increase in my site’s security has been brought on by someone hacking into it and let me tell you, there have been many increases.

I have separated this page into several sections:

1) Stopping hackers
2) Stopping site snagging (offline viewing)
3) Stopping Hotlinking
4) Multiple Domain Names: Shared Members Areas

Section 1) Stopping hackers

The most common way of protecting your members only area is with, as I’m sure you know, a filed named .htaccess sitting in your server’s member’s folder. This file is used by your server to pop up a little box and force people to enter a username and password. It then checks that against a password file located on your server to see it the info is valid. If it is, access is given.

There are, however, many lines that you can add to your .htaccess file that most webmasters don’t really know about. I’ll go through them one by one as well as show you completed .htaccess files that you can start using immediately.

NOTE: You only need to copy the text below that is in black. It is also important that you use a very basic text editor to save the file. Use Notepad or NoteTab to do it. DO NOT use MS Word! The file will not save correctly! You should also realize that an .htaccess file is just plain text file with a funny name. The complete file name really is .htaccess, period in front and all.

Here is the basic .htaccess file that most people use:

AuthUserFile /server/path/to/your/password/file/.htpasswd
AuthGroupFile /dev/null
AuthName “Members Area”
AuthType Basic

<limit GET PUT POST>
require valid-user
</limit>

This file, when placed in your members only folder will protect all of the subfolders under it. There are however some holes here. Once inside the members area, they can still poke around for things you may not want them to see by being creative and typing in URL’s. Most of the time this is no big deal. However, they really don’t need to be poking around in there.

Another problem is that some password security programs have to be accessed directly or in a very specific way to work. An older version of the security program I used required a file called index.cgi to be placed in the member’s only folder. When you linked to http://your-main-domain.com/members/ it would do two things. First, the .htaccess file would check the username and password to see if they were valid. Second, if approved, it would run my security program to see how many people have used that username and password. If that checked out, they would be sent to the opening page of my member’s area which was actually http://your-main-domain.com/members/welcome.htm.

That worked fine as long as no one tried to go directly to the welcome.htm page. Guess what, hackers are smart. By posting a simple link on a password trading site, they could bypass the security program and gain access in one easy step. The link would look like this:

http://username:password@your-main-domain.com/members/welcome.htm

Look familiar? If you’ve ever been password traded (and you will) it should look familiar. After that I learned of some code that will stop this and force everyone to use one page to gain access to the member’s area.

AuthUserFile /server/path/to/your/password/file/.htpasswd
AuthGroupFile /dev/null
AuthName “Members Area”
AuthType Basic

<limit GET PUT POST>
require valid-user
</limit>

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*your-main-domain.com/ [NC]
RewriteRule /* http://www.your-main-domain.com/login.htm [L,R]

The new section activated the RewriteEngine feature of your .htaccess file. This will now only allow access to the member’s area of your site through a link on your page. If they don’t use an actual link on your site they cannot get in. Any URL that you manually type into the address bar of your browser will show up in your log file as having no referrer and will not pass. The only way to satisfy the RewriteCond of this updated .htaccess file is to use a link on your site.

Using this example, you will need a new little web page named login.htm in your free area. On that page you will need a link to your member’s area. Whatever link will allow your security program to work right.

The main thing I like about using this is that it keeps people from messing around inside the members area. Since I update with new pics every week, I can upload several sets at a time to the server and have them waiting. I don’t have to worry about anyone finding them before I link to them.

Now remember, if you don’t have any software in place to monitor how many times your usernames and passwords are being used, this won’t help you at all. This method won’t stop shared usernames and passwords from being used. It is only here to channel people into your password sharing software. I personally recommend using Password Sentry. It’s a one time charge and they give you lifetime upgrades and support. It’s also not very expensive. I haven’t found any program out there that I liked any better, at any price. You can find them at monster-submit.com/sentry/

Remember DWHS has FREE password sharring and brute force protection!

I actually use their newest version which can stop people from hammering your site with username and password combinations until they get one that works. I was getting at least one person a day running one of those programs on my site trying to get in. I still use an .htaccess file in my members area, but it no longer checks for a username and password. It looks for a temporary cookie that is placed on their system is they are approved by my security program. It’s just as secure but blocks those password hammering programs completely.

——————————————————————————–

2) Stopping Site Snagging

This one pisses me off. There are many programs out there designed for “offline viewing” of web sites. These programs allow a person to download everything on your site to their computer. It works wonderfully in the free area, however, if they have a username and password to your site, they can also download your entire member’s area.

If you don’t have any software protecting you from password traders, this one could be devastating. Not only could everyone in the world get into your members area for free, they could download everything in there in a hurry. If you have 200 MB of stuff in your site and 1000 people get in for free and decide to use one of these programs, your looking at 200 Gigabyte of transfer in as short as one day. Can you afford that? Those numbers are kind too. Many of you have much more than 200 MB of stuff. I’ve also been traded in the past and was receiving 4500 people per hour into the members area for free. That could put you out of business in a hurry.

If you don’t think that these programs are a problem check your stats. Many stats programs will tell you the different web browsers that are visiting your site. I have programs like Teleport Pro and Offline Explorer in my top 10 web browsers every single day.

Since we have to pay for bandwidth, which can get expensive as your site grows, this can turn into a major problem. I was surprised at how much bandwidth I saved after adding these lines to an .htaccess file.

Here’s the best part. You can place this .htaccess file in your root public directory. Put it in the same folder as your site’s opening index file and it will protect your entire site.

You’ll notice one major difference about this file. It doesn’t require usernames and passwords to get in. Those lines have simply been removed from the file. It will also not have any effect on the .htaccess file in your member’s folder. That one will check passwords, this one will stop people from snagging your site.

There are actually 3 sections to the file below.

The first section allows you to block specific users’ ip addresses. I have two blocked here. There were users that tried hammering my site with around 20,000 username and password combos. This part is optional since most people have a new ip each time they log on. However, if they are using a cable modem they will keep the same ip all of the time like the two in my example. If I were you I would definitely leave that guy in there.

The second section related to error 404’s. This works well with the way many search engines work. I don’t know how many of them are still linking to pages on my site that no longer exist. If someone clicks on a link from that search engine that is no longer any good, they just get that blank error page. The errordocument line below forwards those people to another page. I forward them to my opening page. That way, if they come to my site using a link that no longer is valid, they end up at my opening page never realizing that the link was bad.

The third section stops the programs that will try and download your site. Since I’m finding more all the time the list keeps growing. If you discover more, just add them it. If the program is actually two words, Teleport Pro for example, you only need to include one word to block them. Notice below that I have a line including Teleport, but not Teleport Pro. I’ve downloaded the program and tested it. This method works perfectly.

The very last line, the RewriteRule, is where violators will be sent to http://www.dwhs.com/random.htm it’s a generic page from our hosting service that will take the bandwidth of the person getting kicked off..

<Limit GET>
order allow,deny
deny from 24.128.16.113
allow from all
</Limit>

errordocument 404 http://www.your-main-domain.com/index.htm

RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^.*WebZIP.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Iria.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Stripper.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Offline.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Copier.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Crawler.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Snagger.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Teleport.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Reaper.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Wget.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Grabber.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Sucker.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Downloader.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Siphon.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Collector.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Mag-Net.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Widow.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Pockey.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*DA.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Snake.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*BackWeb.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*gotit.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Vacuum.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SmartDownload.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Pump.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*HMView.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Ninja.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*HTTrack.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*JOC.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*likse.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Memo.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*pcBrowser.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SuperBot.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*leech.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Mirror.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Recorder.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*GrabNet.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Likse.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Navroad.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*attach.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Magnet.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Surfbot.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Bandit.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Ants.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Buddy.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Whacker.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*DISCo\Pump.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Drip.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EirGrabber.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*ExtractorPro.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EyeNetIE.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*FlashGet.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*GetRight.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Gets.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Go!Zilla.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Go-Ahead-Got-It.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Grafula.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*IBrowse.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*InterGET.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Internet\Ninja.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*JetCar.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*JustView.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*MIDown\tool.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Mister\PiX.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*NearSite.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*NetSpider.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Offline\Explorer.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*PageGrabber.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Papa\Foto.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Pockey.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*ReGet.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Slurp.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SpaceBison.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SuperHTTP.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Teleport.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebAuto.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Webcam\Watcher.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebCopier.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebFetch.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebReaper.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*FreeLoader.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Clint’s\Webcam.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebCam\Spy.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*CamEVU.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*iCamMaster.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Cam\Chaser\Pro.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*FlashIT.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebSauger.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebStripper.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebWhacker.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebZIP.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Web\Image\Collector.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Web\Sucker.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Webster.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Wget.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*eCatch.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*ia_archiver.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*lftp.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*tAkeOut.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*FileHound.*$
RewriteRule /* http://www.dwhs.com/random.htm [L,R]

If you decide to redirect them somewhere else be sure to leave the “[L,R]” at the end of the line. It’s rather important.

Remember to always check your site immediately after uploading a new .htaccess file to your server. If there are any errors in you file, your site will most likely not load at all. In that case, quickly delete the file off of the server until you figure out what went wrong!

——————————————————————————–

3) Stopping Hotlinking

I think I see some of you smiling already. Yes, you can use an .htaccess file to stop people from hotlinking images off of your site. I recently discovered several of my pictures being posted on a messageboard. They had a little message and then my picture would pop up in the message. It was loading directly off of my server with absolutely nothing pointing back to me. I was pissed.

The .htaccess file to prevent this is very similar to some of the ones above. It’s just much shorter since it only performs one function, to stop hotlinking. It does this by checking the referrer. In other words, where the hit is coming from.

I have actually moved all of my images, graphics, games, you name it into a subfolder in the free area. I then just place this .htaccess file into that folder.

I DON”T recommend adding these lines into the .htaccess file above that protects your entire site. Why? Well, when you sign up on someone else’s friends page you have to enter in a URL of your ID picture. If you block everything than all of your ID pictures on all of those friends pages you signed up for will not load. Your ID picture will be a very sexy little red x.

You can stop people from hotlinking your id pictures if you want, just think it through first. I have my banner farm protected to stop new sign ups from hotlinking. However, I still have a few I pictures in unprotected areas too. That way I can sign up for new friends and links pages. You also don’t want to block everything if you purposely post pictures at picpost pages. If you block your entire site, none of those picposts will load.

Similar to some of the above files, this one will allow the picture to load if the referring site starts with princessmandy.com/ only. Do not include the www . in here. That’s what all of the crap in front of princessmandy.com/ is for. The referrer can end with anything it likes, as long as it has princessmandy.com/ in it.

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*princessmandy.com/ [NC]
RewriteRule /* http://www.your-main-domain.com [L,R]

——————————————————————————–

Multiple Domain Names: Shared Members Areas

Here’s a fun one. Many of you may have several web sites but only one credit card account and one password file. How do you get everyone to have access to all of your site’s members areas but only use one account? Easy. Use .htaccess files. This can get a little bit tricky so pay attention.

Let’s say you have three sites: dwhs1.com, dwhs1.com, and dwhs3.com

Let’s also say that you want anyone joining one site to have access to all three.

Pick one site to house the main entry page. Just like in the above examples, create a page called http://www.dwhs1.com/login.htm in the free area of that site. You can call it whatever you want. Use that page as the entry page for all of your web sites. Just put a link on there saying “click here to enter the member’s area” or something.

Now everywhere on dwhs2.com and dwhs3.com that says “member’s entrance” should point to http://www.dwhs1.com/login.htm. Understand? Only one entrance page and only one password file. Everyone must enter from the same place.

Now, you’ll need to add the following lines to your .htaccess file in the member’s only folder of dwhs1.com.

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*dwhs1.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*dwhs2.com/members/ [NC]
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*dwhs3.com/members/ [NC]
RewriteRule /* http://www.dwhs1.com/login.htm [L,R]

This will allow entry only from either your main page’s entry page, or from the member’s area of your other sites. Is part is tricky to think about but very important.

Your new dwhs1.com member’s only folder .htaccess file will most likely look like this:
AuthUserFile /server/path/to/your/password/file/.htpasswd
AuthGroupFile /dev/null
AuthName “Members Area”
AuthType Basic

<limit GET PUT POST>
require valid-user
</limit>

RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*dwhs1.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*dwhs2.com/members/ [NC]
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*dwhs3.com/members/ [NC]
RewriteRule /* http://www.dwhs1.com/login.htm [L,R]

Now here’s the fun part. The members areas of dwhs2.com and dwhs3.com will no longer check for a valid username and password. They will only check out where the person is coming from. If they aren’t coming from one of three places they will be routed to the login.htm page on dwhs1.com.

This .htaccess file is very small and should be placed in the members only folder at dwhs2.com and dwhs3.com.

You must include lines for all of your sites in every .htaccess file.

The .htaccess files at dwhs2.com/members and dwhs3.com/members should look like this:

RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*dwhs1/members/ [NC]
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*dwhs2/members/ [NC]
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*dwhs3.com/members/ [NC]
RewriteRule /* http://www.dwhs1.com/login.htm [L,R]

That’s it. They’re very short files but they will do the job. These new .htaccess files at monkeytwo and monkeythree will only allow people access if they’re coming from the members only area of one of the other sites. They don’t need to check usernames and passwords too.

I made a new page in my members area that links to all three of my sites. Once they are validated at princessmandy.com they end up on this one page. It’s sort of a “Welcome inside. What site do you want to visit?” type of thing. It works very, very well and allows me to use one password file for as many sites as I want.

This method can also be used to allow two very different sites to share a members. Each site can be owned and operated by two different people using two different login pages, generating their own revenue, but sharing a members area.

Just allow access from either your own site, or the members only folder of the other site.