Welcome to WebmasterWorld Guest from 50.17.16.177

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Deny direct request to images on the website

websites that link directly to images from my website

     
2:05 pm on Jan 27, 2013 (gmt 0)

New User from BG 

joined:Jan 27, 2013
posts: 9
votes: 0


I have recently had number of websites that link directly to images from my website. This is not hotlinking, it is direct server request. As an example: on the linking website there is image gallery script with thumbnails and when the visitor clicks on the thumb it loads the image from my website.

I block the their IP-s in .htaccess, but it is not the best way to stop them since they change their IP. I found another thread in the forum about the same, but no solution provided.

Does anybody has any idea how to deny such request in .htaccess?

Your help is greatly appreciated
georgi
4:44 pm on Jan 27, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 11, 2001
posts:5408
votes: 2


Mobile devices are changing the world.

Serving your images from a script is the only solution, and restricting the requests from your own active web pages.
5:21 pm on Jan 27, 2013 (gmt 0)

New User from BG 

joined:Jan 27, 2013
posts: 9
votes: 0


would you, please give more details.
5:54 pm on Jan 27, 2013 (gmt 0)

Preferred Member

5+ Year Member

joined:Mar 27, 2010
posts:423
votes: 0


This is not hotlinking, it is direct server request.


You mean no referer? Try creating a white list in htaccess instead of a black one.
List all domains that are allowed to request images, if there is no referer then block access or show some image of your preference.
6:27 pm on Jan 27, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 11, 2001
posts:5408
votes: 2


if there is no referer then block access or show some image of your preference.


This is NOT a sound practice.
There are too many blank referrals these days, and you would be denying many innocents.
7:15 pm on Jan 27, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 11, 2001
posts:5408
votes: 2


would you, please give more details.


There are multiple previous explanations either in this forums archives or the SSID forum archives.

I've never saved the explanation (or link to same) because it's not feasible for my use.

Perhaps another may provide the details and/or a link.
1:42 am on Jan 28, 2013 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month

joined:Apr 9, 2011
posts:12704
votes: 244


Robots don't send referers. That includes legitimate search engines. Obviously this is not a problem-- it may even be an advantage-- if you don't want your images crawled. But as wilderness said above, there are also perfectly legitimate humans who don't send referers. And you can't identify them with some constant variable oops, uhm, well, you know what I mean like UA or IP.

The core problem is that your server can't tell the difference between a hotlink and a direct request. The referer is identical either way: It's the name of the requesting page.
4:25 am on Jan 28, 2013 (gmt 0)

New User from BG 

joined:Jan 27, 2013
posts: 9
votes: 0


The core problem is that your server can't tell the difference between a hotlink and a direct request. The referer is identical either way: It's the name of the requesting page.


if this is true, then logically you can write rules to exclude all other websites when requesting jpg files and serve particular page instead. not by IP or UA, but domain name.