This question already has an answer here:
I'm trying to implement some protection of my images, what's wrong with my code?
// If referral is from google but NOT from "http://www.google.com/blank.html", redirect home
RewriteCond %{HTTP_USER_AGENT} !(googlebot|bingbot|Baiduspider) [NC] //If user agent is NOT bot
RewriteCond %{HTTP_REFERER} !^$ //Allow blank referral
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC] //if referral is from google
RewriteCond %{HTTP_REFERER} ^http://www.google.com/blank.html$ //if referral is NOT from that url
RewriteRule http://www.mydomain.com/ [R,L] //redirect home
// If referral is from my domain and accessing images, do nothing
RewriteCond %{HTTP_USER_AGENT} !(googlebot|bingbot|Baiduspider) [NC] //If user agent isn't bot
RewriteCond %{HTTP_REFERER} !^$ //Allow blank referral
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mydomain.com [NC] //if referral is from my domain
RewriteCond %{REQUEST_URI} !(^|&)images(&|$) //if URL contains string "images"
RewriteRule ^.*$ - [NC,L] // DO nothing
// If referral is NOT from my domain and accessing images, show watermarked image
RewriteCond %{HTTP_USER_AGENT} !(googlebot|bingbot|Baiduspider) [NC] //If user agent isn't bot
RewriteCond %{HTTP_REFERER} !^$ //Allow blank referral
RewriteCond %{HTTP_REFERER} mydomain.com //if referral is NOT from my domain
RewriteCond %{REQUEST_URI} !(^|&)images(&|$) //if URL contains string "images"
RewriteRule ^images/(.*)$ http://www.mydomain.com/cache/$1 [NC,R,L] //redirect to watermarked image
I'm pretty much trying to create Step 2 of this answer, but I'm having trouble with the "Equal to" and "Not equal to" as I come from php and ! operator is used for Not equal to.
Help someone?
</div>
Your second set of rules is an implicit allow. It's passing through the request without redirecting or forbidding access. That means you give it a list of conditions that you "want". Additionally, it looks like the "images" that you are matching against is in the query string, which won't be part of the %{REQUEST_URI} variable. You need to check against the %{QUERY_STRING} variable.
Something like:
// If referral is from my domain and accessing images, do nothing
RewriteCond %{HTTP_USER_AGENT} !(googlebot|bingbot|Baiduspider) [NC] //If user agent isn't bot
RewriteCond %{HTTP_REFERER} ^$ [OR] //Allow blank referral
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?mydomain.com [NC] //if referral is from my domain
RewriteCond %{QUERY_STRING} (^|&)images.*?(&|$) //if URL contains string "images"
RewriteRule ^.*$ - [NC,L] // DO nothing
// If referral is NOT from my domain and accessing images, show watermarked image
RewriteCond %{HTTP_USER_AGENT} !(googlebot|bingbot|Baiduspider) [NC] //If user agent isn't bot
RewriteCond %{HTTP_REFERER} !^$ //Allow blank referral
RewriteCond %{HTTP_REFERER} !mydomain.com //if referral is NOT from my domain
RewriteCond %{QUERY_STRING} (^|&)images.*?(&|$) //if URL contains string "images"
RewriteRule ^images/(.*)$ http://www.mydomain.com/cache/$1 [NC,R,L] //redirect to watermarked image
If the images thing is actually part of the request URI and not the query string, there's no way you'll have a & in it and that's what you're matching against. The regex (^|&)images(&|$) matches images, &images, images&, or &images& and nothing else, only those 4 possiblities. If you're trying to match against an image directory, then you want something like this instead:
RewriteCond %{REQUEST_URI} /images/
or
RewriteCond %{REQUEST_URI} !/images/