How to Stop Image Hotlinking by Counter-Punching with Free Advertising by matthewtommasi

VIEWS: 156 PAGES: 10

How to Stop Image Hotlinking by Counter-Punching with Free Advertising

More Info
									   How to Stop Image Hotlinking by
Counter-Punching with Free Advertising

As bloggers we take great pride in our work.. spending hours upon hours late into the
night bashing away at our keyboards on our latest posts.

One of the most satisfying and rewarding things for us is to receive pingbacks from other
bloggers linking to our articles.

Which is basically a pat on the back saying ‘This is a cool post which I think adds value and
I’m going to link to it‘.

And we do the same.. linking back to other blogger’s articles.

However the Internet is a bit like the wild west. There are a lot of unscrupulous
characters out there who copy your work and claim it as their own.


Some of these methods include,

      Copy and paste
      Copying source code and pasting
      RSS scraping

Just to name a few..

There is another method which this post looks at, which is hotlinking.

Hotlinking is when someone links directly to a file (eg image, audio, video, PDF, etc) that
sits on your webserver.

The problem with this is that they are stealing your bandwidth.

Every time someone views this image or file on the hotlinker’s article, it needs to be
downloaded from your webserver.

And this chews into your monthly bandwidth quota.. that you pay for.

Also, it puts extra strain on your server’s resources which can result in having to pay your
ISP more money to upgrade to a higher plan, allowing for more resource allocation, or
bandwidth/CPU throttling.

RSS scraping is when a program reads (scrapes) your website, creates an RSS feed..
which then gets re-published somewhere else on the Internet.

Often people will scrape a whole heap of websites, re-publish them all on a blog, whack
on a heap of Google Adsense ads, sit back and watch the money roll in.

Everything is automated.

This happened to me the other day.

I got a heap of pingbacks for some posts of mine and went to check them out.

Upon visiting the other site I was shocked to find that an entire post of mine had been

Looking further around this site I found probably 15 posts of mine that were an exact

I wasn’t too happy.

For those who don’t know you can do a Whois lookup on any domain,

Often you will be presented with the owners name, address, phone number and most
importantly in this situation, their email address and Internet Service Provider (ISP),
which can help when contacting them.

Lucky this site had a contact page with the owner’s email address.

So I emailed the guy telling him he had plagiarised, provided links of his and the original
posts of mine and told him to remove them or I would contact his ISP and let them know
he was stealing my content.

A few hours later I got a genuine apology from the guy saying he was testing out RSS
scraping and that he would take down the posts.

If this happens (or has happened) to you there is no guarantee that they will remove
your posts.. and even if you contact their ISP, it could take a long time for them to

Ways to Fight Back
I wanted to be proactive on this, so I did some searches on Google and found a few ways
to fight back,

   1.   Ban via IP address
   2.   Ban via IP address range
   3.   Ban via http_referrer
   4.   Modify your .htaccess file to prevent hotlinking

None of these methods are 100% fool-proof.. but they do act as a good deterrent and are
a step in the right direction when fighting back against content theft.

I didn’t want to ban via IP address as their address could be dynamic, meaning every so
often their IP address will be recycled and the address I banned could be given to a
genuine user. This could be achieved by using the WP-Ban WordPress plugin.

I didn’t want to ban via http_referrer (blacklisting the offending site eg,, as there may be many other sites doing the same thing.

I wanted to widen my scope by preventing people linking to my images (hotlinking). This
is done by modifying or creating a file called .htaccess and placing it in the root directory
of your website.

What this does is it prevents other websites from linking to files (ie images) on my
webserver.. and when they do, they are redirected to my own custom image.

Before we get started you need to make sure that,

      you have an Apache webserver
      mod_rewrite enabled
      support for .htaccess

If you are unsure whether you can create or modify .htaccess files check with your web

Create a Custom Image
I have heard of other bloggers using images from shock sites as an aggressive deterrent..
if you don’t know what I’m talking about just search for shock sites in Wikipedia!

Initially I was tempted to go this way, but wanted to remain professional and create a
clean image.

Then it hit me.. why not create an image with my URL on it?

That way I am killing two birds with one stone,

   1. the hotlinked image will be replaced by my custom image
   2. my web address will be freely advertised around the internet

Visitors to those sites will see my images and more than likely come directly to my site!

This is the image I created,

When you create your own image, make sure you rename its extension to jpe (you will
see why shortly).

I named my image nohotlink.jpe

I have a directory on my server called /pictures, which is where I uploaded nohotlink.jpe

Create a .htaccess File
After doing a little bit of homework I created the following .htaccess file,

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?thesocialmediaguide\.com\.au/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !bing\. [NC]
RewriteCond %{HTTP_REFERER} !blogcatalog\. [NC]
RewriteCond %{HTTP_REFERER} !facebook\. [NC]
RewriteCond %{HTTP_REFERER} !feed\. [NC]
RewriteCond %{HTTP_REFERER} !feeds2\. [NC]
RewriteCond %{HTTP_REFERER} !google\. [NC]
RewriteCond %{HTTP_REFERER} !linkedin\. [NC]
RewriteCond %{HTTP_REFERER} !msn\. [NC]
RewriteCond %{HTTP_REFERER} !networkedblogs\. [NC]
RewriteCond %{HTTP_REFERER} !read\. [NC]
RewriteCond %{HTTP_REFERER} !rss\. [NC]
RewriteCond %{HTTP_REFERER} !search\?q=cache [NC]
RewriteCond %{HTTP_REFERER} !space\. [NC]
RewriteCond %{HTTP_REFERER} !yahoo\. [NC]
RewriteCond %{HTTP_REFERER} !zilla\. [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png|jpg)$ /pictures/nohotlink.jpe [L]

I will explain what these rows mean..

      RewriteEngine On = tells Apache to turn the rewrite engine on
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?thesocialmediaguide\.com\.au/ [NC] = allows
       my own site “” to link to my images.. the [NC] code means
       “No Case” or not case-sensitive
           o For this line you would put you own domain in – RewriteCond %{HTTP_REFERER}
              !^http://(.+\.)?yourdomain\.com/ [NC]
      RewriteCond %{HTTP_REFERER} !^$ = allows viewing images from blank referers, which is
       important because some browsers won’t send referers, even if the image is linked on
       your own website
      The next lines allow search engines like bing, google, msn, yahoo to link to my images
           o I also allowed rss feed readers to link to my images
           o I also allowed other sites such as facebook, linkedin, myspace, blogcatalog,
              networkedblogs to link to my images
           o Here you can add as many different domains as needed
      RewriteRule .*\.(jpe?g|gif|bmp|png|jpg)$ /pictures/nohotlink.jpe [L] = the last line forbids
       any website not listed above from linking to these files, if they do they will be redirected
       to nohotlink.jpe
           o You will need to specify the path where you custom image sits.. mine is located at
           o The [L] code basically means this is the Last line

[Edit - If you have strong experience with .htaccess files or regular expressions and are
reading this post.. please review my code above.. and if it can be improved please let me
know by leaving a comment!]

Upload Your .htaccess File
Your .htaccess file needs to be uploaded to your website’s root directory.

The next thing you will want to do is see if it actually works.. I would recommend
emptying your browser’s cache first.

Now visit the offending website and see if all the hotlinked images have now been
replaced by your custom image.

You could also use Feedburner to uncover additional sites that are republishing your
content that you may not be aware of.

If you have connected your RSS feed up to Google’s free service Feedburner (an RSS
management service).. you can take advantage of one of its traffic analysis tools to help
you find potential sites that have scraped your content.

Uncommon Uses shows where your content is being re-published.

Click on the Analyze tab.. then click on Uncommon Uses,

Show the Stats for the last 30 days.. and you will be presented with a list of referrers that
are re-publishing your RSS feed,

Click on one of the links under a referrer,

Now you will be direct to a page that is re-publishing your content.

Counter-Punching with Free Advertising
If you have correctly setup your .htaccess file.. then any of your images that have been
hotlinked (anywhere on the internet) will now be replaced with your custom image,

Here are a couple of live examples (at the time of publishing this post),


Counter-punching.. with free advertising!

                     The Social Media Guide
The Social Media Guide provides helpful advice and tips on connecting you to others,
through the use of social media and social networks.

The Social Media Guide is an authoritative source on current and emerging social media
tools and platforms.

The current explosion in social media technologies has made it easier than ever to
connect with friends, groups, customers and networks with similar interests, from all
around the world.

Businesses can benefit greatly by using social media to market their product, strengthen
brand recognition and attract new customers.

My aim is to show you how social media can be used, to connect with more people
faster, by providing clear and simple solutions.

The Social Media Guide will show you how to extend your reach deeper into the social
web, and connect with more people.

This material may be shared with everyone, not sold for profit and not modified in any


Matthew Tommasi



twitter:      @socialguide



To top