homepage Welcome to WebmasterWorld Guest from 54.145.252.85
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
Deny direct request to images on the website
websites that link directly to images from my website
georgi58



 
Msg#: 4539642 posted 2:05 pm on Jan 27, 2013 (gmt 0)

I have recently had number of websites that link directly to images from my website. This is not hotlinking, it is direct server request. As an example: on the linking website there is image gallery script with thumbnails and when the visitor clicks on the thumb it loads the image from my website.

I block the their IP-s in .htaccess, but it is not the best way to stop them since they change their IP. I found another thread in the forum about the same, but no solution provided.

Does anybody has any idea how to deny such request in .htaccess?

Your help is greatly appreciated
georgi

 

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4539642 posted 4:44 pm on Jan 27, 2013 (gmt 0)

Mobile devices are changing the world.

Serving your images from a script is the only solution, and restricting the requests from your own active web pages.

georgi58



 
Msg#: 4539642 posted 5:21 pm on Jan 27, 2013 (gmt 0)

would you, please give more details.

matrix_jan



 
Msg#: 4539642 posted 5:54 pm on Jan 27, 2013 (gmt 0)

This is not hotlinking, it is direct server request.


You mean no referer? Try creating a white list in htaccess instead of a black one.
List all domains that are allowed to request images, if there is no referer then block access or show some image of your preference.

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4539642 posted 6:27 pm on Jan 27, 2013 (gmt 0)

if there is no referer then block access or show some image of your preference.


This is NOT a sound practice.
There are too many blank referrals these days, and you would be denying many innocents.

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4539642 posted 7:15 pm on Jan 27, 2013 (gmt 0)

would you, please give more details.


There are multiple previous explanations either in this forums archives or the SSID forum archives.

I've never saved the explanation (or link to same) because it's not feasible for my use.

Perhaps another may provide the details and/or a link.

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4539642 posted 1:42 am on Jan 28, 2013 (gmt 0)

Robots don't send referers. That includes legitimate search engines. Obviously this is not a problem-- it may even be an advantage-- if you don't want your images crawled. But as wilderness said above, there are also perfectly legitimate humans who don't send referers. And you can't identify them with some constant variable oops, uhm, well, you know what I mean like UA or IP.

The core problem is that your server can't tell the difference between a hotlink and a direct request. The referer is identical either way: It's the name of the requesting page.

georgi58



 
Msg#: 4539642 posted 4:25 am on Jan 28, 2013 (gmt 0)

The core problem is that your server can't tell the difference between a hotlink and a direct request. The referer is identical either way: It's the name of the requesting page.


if this is true, then logically you can write rules to exclude all other websites when requesting jpg files and serve particular page instead. not by IP or UA, but domain name.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved