Forum Moderators: phranque
Is there a way to sneak a redirection (javascript, HTTP, META, whatever method) on someone else's page if they are stealing images or other content from our site?
I have 2 situations:
1) there is another site which is hosting a copy of our pages, with stolen HTML hosted on their server (like, they just cut out our source and pasted it on their own page), but they are still hitting our server for the images on that page. When our server gets a request for an image from their site, can I send them something other than an image - like a little redirection script or something? Is it possible to put a "Location:http://mysite.com" header hidden in an image request?
Or, is it possible to do a switcheroo and instead of sending them an IMG, I send a SWF or something that can screw with their page via javascript.
2) I know of another site that is using PHP GET or fread() kind of thing to take content from our page and present it as their own. That is, when I change the content on our page, it also changes on theirs. How can I prevent them from doing that, in a way that makes it difficult for them to hack around the protection?
I'm running on Apache (so I'm kind of familiar with with .htaccess), using PHP.
<added>just re-read: I think it would be fairly easy (well, not mentally tough anyway) to send a redirect header with an image. No idea how though, though you'd prolly need to specify that all .jpg and .gif were given an x-httpd-php forcetype in .htaccess and then serve all those file through a php layer. er... does that make sense? sorry, thinking out loud, hehe! But i think it could be done for what it's worth..</added>
As for point 2, tough one, but they hopefully aren't clever enuf to mask there HTTP_USER_AGENT header so just check for that with PHP once you know whta there agent string is.
HTH
Nick
If they've stolen your content, why not just gather the documentation of this fact, send them an email and ask them to remove the offending material immediately? If they refuse, ignore, or are unreachable, then proceed to issue the request to their ISP. Most ISPs are very sensitive to claims that their customer violated the DMCA, since if they aren't, they lose their own safe harbor under the act (witness AOL's fight with Harlan Ellison recently, where everything turns on whether or not AOL failed to reasonably and quickly respond to his request to remove offending materials, leaving them open to "contributory negligence").
In the minority cases where even the ISP is a renegade, it is sometimes even possible to escalate the issue to the registrar that issued the domain in question.
Learning to type up and send a DMCA cease-and-desist letter is, unfortunately, becoming a necessary skill for modern webmasters.
