Hotlinking

Image Hotlinking (also known as leeching, or inline linking) is the practice of stealing bandwidth from other websites, by linking to an image stored on another server. By doing this, when a person visits a website with hotlinked images, the images must be downloaded from the other server, costing that server bandwidth, instead of the server being visited.

This practice can lead to gigabytes of bandwidth being "leeched" from other websites, with no benefit to themselves in return.

Am I Hotlinking Someone Else's Image?

It is quite possible that people new to webpages may be engaging in the practice of image hotlinking without realizing it. The best way to determine if you are image hotlinking is to look at the image code:

<img src="www.thisisntmysite.com/images/thisisnotmyimage.jpg">

If the image is coming from a site that isn't yours, it's considered hotlinking or inline linking. To solve this, save a copy of the image yourself (assuming you have permission to do so), upload it to your web server, and link to it from there. Alternatively, you can upload it to the numerous free image hosting sites available around the net.

Combating Image Hot Linking

There are several ways of combating leeching:

1. Image Replacement - The tool of more vindictive webmasters, this is when the images being inline linked to are swapped for more "inappropriate" content. Often embarrassing, this will ensure that the thief will look elsewhere for his/her images.

Unfortunately, this involves effort on a case-by-case basis and, while often entertaining, is not very efficient. Also, your poor victim may not even realize what they are doing is wrong, and swapping their image for something more embarrassing would just be cruel, wouldn't it?

2. Legal Action - Hotlinking to images and other multimedia can be considered intellectual property theft, and can open the perpetrator to legal action. This method of prevent hotlinking however, it is expensive and time consuming, and won't necessarily prevent others from trying the same thing.

3. .htaccess Files - The best method for beating image leechers is the use of a .htaccess file.

If you are new to to .htaccess files, it would probably be a good idea to Google it and have a read, before continuing. Here is the first line:

RewriteEngine On

This begins the rewriting rules, the rules that govern redirection when someone tries to access your website. Next:

RewriteCond %{HTTP_referrer} !^$

HTTP_referrer indicates the site the request is coming from. If someone hotlinks one of your images, the HTTP_referrer will be equal to whatever address the image was linked to. The full line means that the following code will only be executed if the referrer is not blank. Now, what if the referrer is YOUR site (i.e someone browsing your own website):

RewriteCond %{HTTP_referrer} !^http://(www\.)?yoursitehere.com(/)?.*$ [NC]

This line will allow requests whose referrer is your own site. If there are any other websites you would like to allow access, simply copy this line underneath itself, and replace "yoursitehere.com" with their domain. You can do this as many times as you like.

RewriteRule .*\.(gif|jpe?g|png|bmp)$ [F,NC]

This last line, will rewrite any requests who's referrer doesn't match the above criteria (i.e blank, from your site, or from any other site you specified) to point to nothing. The leecher will simply find that the image he is linking to will not display.

There you have it! This is how it will look:

RewriteEngine On
RewriteCond %{HTTP_referrer} !^$
RewriteCond %{HTTP_referrer} !^http://(www\.)?yoursitehere.com(/)?.*$ [NC]
RewriteCond %{HTTP_referrer} !^http://(www\.)?anothersiteitrust.com(/)?.*$ [NC]
RewriteRule .*\.(gif|jpe?g|png|bmp)$ [F,NC]

Once you gain more experience with using .htaccess files, you can tailor this code to work exactly how you want it, but for the time being, this should suit your needs.

The disadvantage to this method, is that you prevent people from linking to the image normally. This is not always a problem, especially if you'd rather have them link to the page the image resides on, but this may be unacceptable to others.

Leave a comment
Name:

Comment:

 
Total comments: 4
Phid commented on 25 Jan 2007 -
Please tell us how to blacklist sites rather than whitelist them. I would rather allow anyone to hotlink to my images (e.g. small sites) but have the ability to blacklist especially bad sites (e.g. inappropriate content sites or bandwidth hoggers). I would also like to place an image (e.g. "Image property of ____") in place of the hotlinked image. Thanks.
Ron Payne commented on 2 Jun 2007 -
Good information. Thanks for putting it up. Your site came up third down in Yahoo's search. LOL
Ron payne commented on 2 Jun 2007 -
Forgot to mention that every where else, "HTML_Referrer" as you have it is written as "HTML_referer". And it works that way. Haven't tried using "HTML_referrer" yet to see if it makes a difference.
Ron Payne commented on 9 Jan 2008 -
Can you list the code needed to allow specific sites/search engines like Google's, Yahoo's and other legitimate sites/engines? Have asked, but get so many variations. For example:
RewriteCond %{HTTP_REFERER} !^http://images.google.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://images.google.com$ [NC]

And about Yahoo. Tried so many variations that we lost track of what we were doing. LOL

Ron
http://PayneLessDesigns.com