Hotlinking or bandwidth theft is direct linking to a website's file including images, video and others on the external website. It has become prevalent in the many forums and message boards on the web that allow users to insert images. The user resorts to hotlinking those when creating the tag as it is not possible to keep on the host site.
The Harm Caused by Hotlinking
When an tag is used to display a JPEG image found on someone else's webpage so that it will appear on one's own site, journal, weblog or forum posting, hotlinking is taking place. Other people might find it flattering to know that someone would be interested in a photo they have taken. This practice, however, consumes bandwidth and slows down the web server. When done excessively, the unknowing victim ends up footing an extra bill from his/her hosting provider.
One sure sign of hotlinking is the appearance of strange web sites in one's referrer logs. When sites that wouldn't normally be interested in one site are the ones that are appearing, then something is definitely up. When the offending sites are visited, photos owned by the other site are sure to be posted there. They do not make copies of the photo but rather link directly to the photo hosted on the website. Higher than normal bandwidth consumption is another sign. The log analysis tools might even show a higher number of hits for an image than for the page that displays it.
Blocking Hotlinking
The only fool-proof way to stop hotlinking is to turn-off one's website. This is rather extreme and does not present a viable option to site owners. The best bet lies on creating an .htaccess file. Although there are many variations that exist on the specific regular expressions that can be written, they all accomplish the same thing. One can either throw the client a "forbidden" which means that the image is not there or the client gets to be redirected to another image which is usually something suitably offensive. Using the Rewrite Rule to forbid display of image is a simple rule which effectively blocks the display on remote sites. Redirecting requests for images from remote web pages to an image of choice on one's website is taking this rule a step further. A good example of this is an image which says "This image is stolen". A person who tries to link directly to the original images of a site is inadvertently serving the redirected image to his/her pages.
Redirecting a browser from one file type to another is essentially not a good idea. The best approach is to make a separate version of the redirected image in each format that one uses on a site such as one for gif format, one in jpeg format, one on jpg format and so on. Each hot linked image is then redirected to the matching file type.
If one is feeling a little bit mischievous, other interesting images can be served to people hotlinking to one's images. If the offender site is into selling, for example, an image that says "Free Shipping Worldwide" would surely discourage the offender as the very reason for hotlinking is to make money, even in an unacceptable manner. No company can survive, much less earn with a guarantee such as shipping for free worldwide.
Some people recommend the white list approach. This is basically blocking all referrers except for those sites that are specifically allowed to do so. Again, this approach borders on the extreme as it blocks all requests, legitimate or otherwise. Accidentally blocking legitimate requests from search engines, feed readers and others would be very disadvantageous to the site.
The black approach is a better option as it intends to block some specific sites that are considered the worst offenders. A website owner has to find out if his/her website is on an Apache Server and if the use of .htaccess is allowed by them. A simple email to the web space provider will provide a swift answer. The .htaccess file should go into a website's root directory on one's web server.
Verification that everything is working properly on one's site has to be done. Mod-rewrite is very powerful but it only needs one typo for hell to break loose. The block listed sites should be checked out if the stop image is being shown. It might be a nice twist to include one's URL on the image. It wouldn't hurt to get some free advertising in the process.
This is how to disable hot linking of certain file types on one's site through .htaccess by simply adding the code below to one's .htaccess file. Uploading the file either to the root directory or a particular subdirectory is necessary to localize the effect to just one section of the site.
RewriteEngine on
RewriteCond%{HTTP_REFERER}!^$
RewriteCond%{HTTP_
REFERER}!^http://(www.)?mydomain.com/.$[NC]
RewriteRule.(gif/jpg/js/css)$-[F]
The "my http://domain.com" is to be replaced by one's own. The above code creates a failed request when hot linking of the specified file types occurs. A broken image is shown in case of the image.
To block traffic from a single referrer:
RewriteEngine on
#Options+Follow-Symlinks
RewriteCond%{HTTP_REFERER}badsite.com[NC]
RewriteRule.-[F]
To block traffic from multiple referrers:
RewriteEngine on
#Options+Follow-Symlinks
RewriteCond%{HTTP_REFERER}badsite.com[NC.OR]
RewriteCond%{HTTP_REFERER}anotherbadsite.com
RewriteRule.*-[F]
JavaScript can be used to prevent right-clicking an image when already in a browser. This is a very weak defense though as people just need to switch JavaScript off and/or use a decent browser and it's all there. Using JavaScript to write images into a page does not offer sufficient protection as hotlinkers can easily link to images once they know the origin URL.
FileProt is a protection script that is simple to set up and use. It does not allow anyone coming from unauthorized places access to certain files in one's web server. This allows for the specification not only of unauthorized domains but pages in one's domain as well. It can be specified to allow file or image download from certain pages in one's domain. Hotlinkers and bandwidth leeches are completely blocked but this script is not intended for super high-traffic sites.
Download Tracker is a CGI script that manages downloads from one's web page. Options include requests for email address and anti-leech system. It is multi-platform compatible and has a back-end control panel.
- Related Articles
- Related Q&A
- SEO Technology
- A Closer Look at SEO Technology
- SEO Technology - How To Ensure Continued Success In Search Engine Rankings
- Use SEO Technology to Increase Your Online Business Significantly
- Use Seo Technology To Increase Your Online Business Significantly?
- Video SEO technology & strategy
- SEO - Alchemy for the Internet
- What Kind of Two General Categories in Seo?
How to find Cheap Phone Calls & Reduce Bills
By: Noah Back | 08/01/2010There are many ways to reduce your phone bill, from looking for another telecoms supplier who is offering cheap phone calls to reviewing your phone usage. You could even start looking at alternative communication options such email, text messages or making phone calls over the internet. If you are struggling to pay your current phone bill you should contact your supplier as they may have options designed to make paying your bills easier and cheaper.
Australia - Telco Company Profiles - 2nd Tier
By: Bharat Book Bureau | 08/01/2010Bharatbook.com added a new report on "Australia - Telco Company Profiles - 2nd Tier" provides an analysis of the current outlook for the major second-tier firms as well as statistics relating to revenues and market shares.
Tele/Audio Conferencing Tips
By: Linda Breim | 08/01/2010Teleconferencing or audio conferencing is an easy and inexpensive way to communicate with people situated in different locations at the same time. Many times it is not possible for everyone to meet face to face at a particular location and so this comes as a handy solution for all.
Pass4side Cisco 642-961 exam
By: aminalee | 08/01/2010Pass4side.com GUARANTEES that you will pass your 642-961 exam on your first attempt after using one of our 642-961 training products. That's right, with the 100% pass rate, the exam tools that we have created for you are so good - we can't help but guarantee your results.
Pass4side 650-393 Practice Exams
By: aminalee | 08/01/2010Pass4side provides high quality Cisco 650-393 braindumps. It is the best and the lastest Cisco 650-393 Practice Exams. Furthermore, we are constantly updating our Exam Cisco 650-393. These Exam Resources updates are supplied free of charge to Pass4side customers.
Pass4side 70-660 certification and training
By: aminalee | 08/01/2010Pass4side known to be the best for providing the exam questions for the Microsoft 70-660 certification and training . Our 70-660 expert's team has designed and prepared the training kit for Microsoft 70-660 certification.
Compare Fax Services - What You Need to Know
By: Benjamin Hubzil | 08/01/2010It is crucial to compare online fax providers as there are many services available. Getting to know more about faxing through the internet and the services available help you get a better knowledge of what type of service you will be getting including benefits and features. There are several ways to compare internet fax services and in this article we will cover 3 important methods.
Riya: A Big Leap In Visual Search Engines
By: Danny Wirken | 16/11/2006 | CommunicationWatch out for new software that will give a new face to search engines. Rather, a program that includes faces in the search function. A new California-based company, Ojos, developed the online photo-based search service named Riya.
Web 2.0, A Guide For Newbies
By: Danny Wirken | 04/11/2006 | CommunicationA couple of years back Bill Gates introduce the idea of Convergence to the public. It was a fresh idea that later became a catchphrase for the Internet Industry.
Trackback Spam Explained
By: Danny Wirken | 04/11/2006 | CommunicationIn most blog applications, there is a feature called Trackback, which allows the user to send a trackback or notification to a different site or another blog that the user referred to in his own blog.
To Blog Or Not To Blog: The Ups And Downs Of Blogging
By: Danny Wirken | 04/11/2006 | CommunicationWhenever the subject of the phenomenon called blogging is raised, most people immediately think associated it with an online diary or weblog. The term weblog refers to key words. First is web from the World Wide Web and log, as in keeping a log.
Tips On How To Deal With Anonymous Comment Spam
By: Danny Wirken | 04/11/2006 | CommunicationHave you ever experience being flooded with anonymous comments? If yes, then chances are you have been a victim of comment spam. As with everything on the Internet, spam had also evolved. They are no longer limited to email.
The Latest On WordPress Themes
By: Danny Wirken | 03/11/2006 | CommunicationAs WordPress and blogging become more and more popular, the list of customization options continues to grow. One can attribute that to each user wanting his or her blog to be unique or very much personalized.
The Exciting World Of Video Blogging
By: Danny Wirken | 03/11/2006 | CommunicationWhen the idea of weblogs was first introduce online, it was an instant phenomenon. Suddenly just about everyone feels the need to create their own space online by writing their thoughts. Then podcasting was introduced—blogging in audio form.
What You Newbies Need To Know About Pay Per Click Ads
By: Danny Wirken | 03/11/2006 | CommunicationJust about anyone who has been using the Internet in the last few years has no doubt come across the term "pay per click" once or twice. Pay per click is actually one of the less expensive, albeit efficient, forms of advertising online.