Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dealing with Deep-Linking to Your Online Photos?

Posted by Cliff on from the content-snagging dept.

Pig Hogger asks: "I've had my own hobby website since 1993, and over the years it has expanded to be quite a reference for the domain I am covering (some pro websites list it as additional reference, and so does Wikipedia. Google page-ranks it amongst the top). Every so often, I peruse the logs, most especially looking at the referrers to see where people come from, and once in a while, I notice that some webloggers deep-link to an image on my site. I do not mind too much when it's on-topic, but when it's not *AND* it's sucking-up bandwidth, I tend to be irked. Or worse, when you can't go look at the referring page without registering on the weblog site. In those cases, I change the picture filename (and the corresponding webpage that calls it), and I substitute a smaller (and most often, naughty) picture. What other tricks those of you are facing the same problem have to address this problem?"

9 of 139 comments (clear)

  1. Use a CGI script to block them. by MooseGuy529 · · Score: 3, Informative

    What most websites do is use a CGI script that blocks by Referer and/or IP Address (so like allow any request with your site as a referer, or any IP that has requested another page within the past ~5 minutes, in case people hide referers with crappy paranoid firewalls). You could make it generate a list of pages for you to easily review and allow or block.

    --

    Tired of free iPod sigs? Subscribe to my blacklist

  2. Solved problem by JimDabell · · Score: 3, Informative

    The typical solution to this is serving a complaint image to requests with the Referer header set to something starting with 'http' that don't correspond to your website. Five minutes on Google would have told you this (and provided ready-made recipes for Apache).

  3. Apache recipe by ccarr.com · · Score: 4, Informative

    I have a number of photo sites, most of which would be interesting only to friends and family, but a couple are of general interest. I don't mind LINKING (as in anchor tags) to my photos, but nobody does that. They EMBED (with img tags) my photos, thus sucking up my bandwidth to enhance their own pages.

    First, name your photos with a unique file extension. I use ".jpeg" for photos and ".jpg" for other incidental JPEG files on the site. Then, place this in the relevant area of your Apache config:

    ### BLOCK IMAGE EMBEDDING
    SetEnvIfNoCase Referer "^http://.*yourdomain\.com/" local_ref=1
    <FilesMatch "\.(jpeg)">
    Order Allow,Deny
    Allow from env=local_ref
    </FileMatch>

    --
    I don't know half of you half as well as I should like, and I like less than half of you half as well as you deserve. BB
  4. Re:Solved problem (htaccess and geocities) by Jondaley · · Score: 4, Informative

    Here is my .htaccess for doing just this.

    I have gotten a number of emails from people who didn't appreciate my changing their image (or their background -- that was a good one, couldn't read the person's site at all)

    # Need additional rewrite for the directory without a slash, because otherwise
    # the (.*) matches the whole URL. There is probably a better way to do this
    # but this works
    RewriteRule html_gifs$ http://www.geocities.com/last_id_in_the_world/html _gifs/ [L,R=permanent]

    # People who don't get it...
    RewriteCond %{HTTP_REFERER} ^http://www.playahead.com/GroupInfo.aspx.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} ^http://www.xanga.com/private/home.aspx$ [NC,OR]
    RewriteCond %{HTTP_REFERER} ^http://www.kindertent.nl/template.php?id=278628&t id=38$ [NC,OR]
    RewriteCond %{HTTP_REFERER} ^http://nuvoleinviaggio.blog.excite.it/$ [NC]
    RewriteRule ^(.*)$ http://www.geocities.com/last_id_in_the_world/html _gifs/funny_looking.gif [L,R=permanent]

    # People who don't get it. -- these people are especially annoying,
    # as apparently mozilla-- doesn't set the referrer is not set when using style sheets...
    #RewriteCond %{HTTP_REFERER} ^$ [OR]
    # RewriteCond %{HTTP_REFERER} ^http://www.xanga.com/home.aspx?user=da_forg3tabl3 _1.*$ [NC]
    RewriteRule backgrounds/blue-faded.jpg /~jondaley/html_gifs/funny_looking.gif [L,R=permanent]

    # uncomment this if you want people who don't have their referrer
    # set to also be redirected
    RewriteCond %{HTTP_REFERER} ^$ [OR]

    # If linked to from somewhere else, forward them to geocities
    RewriteCond %{HTTP_REFERER} !^http://www.snurgle.org/.*$ [NC]

    # Forward all requests, since we are within the html_gifs directory
    RewriteRule ^(.*)$ http://www.geocities.com/last_id_in_the_world/html _gifs/$1 [R=permanent]

  5. A better way to do it by Rameriez · · Score: 5, Informative

    I had this exact same problem with a few images I host on my site. Typically from forums that allow avatars to be hosted offsite. I did a bit of a google on the problem of "hot linking", and came up with this:

    http://www.alistapart.com/articles/hotlinking/

    It's an excellent solution that prevents hot/deep image embedding, but allows for normal anchor links to your pictures. You'll need to be hosting on an apache server and be allowed to use .htaccess files and have mod_rewrite, plus the tiniest amount of php/perl scripting knowledge (php example in link).

    Basically, you rewrite any requests for images from offsite with a URL that points to a script. Embedded images will fail, because the browser expects image data when it gets text/html instead. The script simply displays the image, perhaps puts a credit in, and a link back to your site.

    This way, you can block most people from stealing your bandwidth by embedding your images in their pages, but not prevent less-harmful linking.

  6. [PATCH] spoofing vulnarability by Anonymous Coward · · Score: 1, Informative

    Description: spoofing vulnarability. Allows: myprefix-yourdomain.com. Patch attached, httpd.conf-remvuln.patch:

    --- conf.0 Tue Feb 8 18:07:17 2005
    +++ conf.1 Tue Feb 8 18:07:48 2005
    @@ -1,5 +1,5 @@
    ### BLOCK IMAGE EMBEDDING
    - SetEnvIfNoCase Referer "^http://.*yourdomain\.com/" local_ref=1
    + SetEnvIfNoCase Referer "^http://.*\.yourdomain\.com/" local_ref=1
    <FilesMatch "\.(jpeg)">
    Order Allow,Deny
    Allow from env=local_ref

  7. Re:Switching images is far more fun by Anonymous Coward · · Score: 1, Informative

    Don't worry they're both SFW.

  8. Slightly better solution by OblongPlatypus · · Score: 2, Informative

    SetEnvIfNoCase Referer "^http://" remote_ref=1
    SetEnvIfNoCase Referer "^http://.*\.yourdomain\.com/" remote_ref=0
    <FilesMatch "\.(jpeg)">
    Order Deny,Allow
    Deny from env=remote_ref
    </FilesMatch>

    This will let your page work for people with anonymizer services and firewalls which block the referer field. Of course for those people the remote linking will work as well, but usually they are few enough for the bandwidth impact to be negligible.

    --
    -- If no truths are spoken then no lies can hide --
  9. Re:Switching images is far more fun by I8TheWorm · · Score: 2, Informative

    IPalindromeI replied to a journal entry I made about this topic, and pointed out that it's 2 bytes per axis, which I should have realized given the values of 255 mentioned before. So it's bytes 7-10 that become FF. I tested it and it worked... the images is HUGE, but the filesize is 43 bytes.

    You're also right about being disruptive and non-offensive, and keeps your bandwidth usage pretty low.

    So do I have to pay you some royalties if I use this in the future?

    --
    Saying Android is a family of phones is akin to saying Linux is a family of PCs.