skip to Main Content

I’m using a third party API that provides me with a bunch of images. I need to display about 20 to 30 images on a single page, but I don’t want anyone who is snooping at the source to know I’m using a third party service for these particular images. How would I go about masking these images so they look like they are coming from my domain name. I would preferably like to know how to do this with PHP or Apache.

P.S Is this bad practice or would I be better of downloading the images and saving them to the cloud?

Thanks

Edit: I took Gordons advice and tried the following and put the following code in my .htaccess, but It’s not working for some strange reason.

RewriteRule "^/?images(.*)" "https://img-inventory.supplier-domain.com/image/$1" [P]
ProxyPassReverse "/images/" "img-inventory.supplier-domain.com/image/"

The following is an example of the supplier URL
https://img-inventory.supplier-domain.com/image/upload/f_auto,q_auto:best,t_inv_small/hotel/i/155110/wpmeb5pjxdgse8kvfd87f.jpg

If anyone can kindly share what I’m doing wrong I would appreciate it.

2

Answers


  1. You can mask them in php file:

    <img src="image.php?image_id=555" />
    

    and image.php like this:

    <?php
    $url = YOUR_URL;
    $img_details = getimagesize($url);
    header("Content-type: {$img_details['mime']}");
    readfile($url);
    

    It depends on where you storage URLs to images. But you need to prevent errors, if there is no image by the URL.

    Obviously, the better practise is downloading images and show from your own storage.

    Login or Signup to reply.
  2. If you are using Apache, you can do this without PHP by using either mod_rewrite or mod_proxy.

    Quoting from http://httpd.apache.org/docs/2.4/rewrite/avoid.html#proxy

    RewriteRule provides the [P] flag to pass rewritten URIs through mod_proxy.

    RewriteRule "^/?images(.*)" "http://imageserver.local/images$1" [P]
    

    However, in many cases, when there is no actual pattern matching needed, as in the example shown above, the ProxyPass directive is a better choice. The example here could be rendered as:

    ProxyPass "/images/" "http://imageserver.local/images/"
    

    Note that whether you use RewriteRule or ProxyPass, you’ll still need to use the ProxyPassReverse directive to catch redirects issued from the back-end server:

    ProxyPassReverse "/images/" "http://imageserver.local/images/"
    

    You may need to use RewriteRule instead when there are other RewriteRules in effect in the same scope, as a RewriteRule will usually take effect before a ProxyPass, and so may preempt what you’re trying to accomplish.

    If you are using NGINX, you can use the location and proxy_pass directives:

    location /some/path/ {
        proxy_pass http://www.example.com/link/;
    }
    

    See https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/ for details.

    IMO, this is a better alternative than using a PHP proxy script because the webserver will handle caching for you. With a PHP script, you will need to handle this yourself.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search