Need to prevent leaching or hot-linking of your web fonts in IIS 7? I found not just one but two posts outlining how to achieve this. To sum up, put something like this in your web.config:
<system.webServer>
<rewrite>
<rules>
<rule name="Prevent font hotlinking">
<match url=".*\.(eot|svg|ttf|woff)$" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_REFERER}" pattern="$^" /> <!-- No referrer -->
<add input="{HTTP_REFERER}" pattern="^https?://(.*\.)?({local domain}|{dev domain}|{staging domain}|{live domain}).*$" negate="true" /> <!-- Not from your site -->
</conditions>
<action type="Rewrite" url="/font/no-hotlinking.txt" />
</rule>
</rules>
</rewrite>
</system.webServer>
Of course, don't forget to change the {domains} in the above example for your own.
No comments:
Post a Comment