Welcome to WebmasterWorld Guest from

Forum Moderators: phranque

Message Too Old, No Replies

Someone blow up my bandwidth >> 200 GB in 5 days . Help!

hotlinking of images - loss of bandwidth - any solution



1:21 pm on Jun 7, 2007 (gmt 0)

5+ Year Member

Today I noticed huge bandwidth usage on one of my site. This site is a picture site and average bandwidth usage was about 2 - 3 GB / day. But during last 4-5 days, this site have use more than 200GB of bandwidth.

After going thru the logs, I find that an email (or more than one) is in circulation having hotlinks to allmost all the images (over 2000 high quality pictures) in one email. This email has been send to thousands of ppl by some group / person. Now these emails blowup all my bandwidth without any page view / ads being served. I was really horrified to see this. In panic I renamed the folder holding the pictures and changed all my html files pointing to new folder.

But this does not seems to be the solution. Again someone could do the same thing again and again. Further, if I am changing the folder / location of pictures, I don't know if it will affect indexing of images by google images as this is a main source of visitor at my site.

Can I do something to stop this mis-use? I really lost money due to this overusage. How can I make sure that this thing is not repeated with my site?

Pl help....

Matt Probert

1:41 pm on Jun 7, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

How to stop it? A good question.

Some people say to use the Apache configuration (or .htaccess) to prevent hot linking, but I found that sometimes that stopped legitimate serving of images (perhaps because the page was cached at an intermediary ISP), and that was also undesireable.

Sorry I cant be more helpful, but I have had similar problems for years and have not been able to solve the issue without creating other issues.



2:27 pm on Jun 7, 2007 (gmt 0)

5+ Year Member

I have also used .htacess in the past but faced same problem. So, I didn't use .htacess anymore in active folder / directory.

However, till this incident, I have not faced such a major problem. There are lots of incident where sites hotlinked images from my site or these were posted on a number of forums, but still this time it was really very big problem. Thousands of users (who received this email) was requested hundreds of images at the same time using 100 times the bandwidth :(

So someone else with some advice on this ....


2:52 pm on Jun 7, 2007 (gmt 0)

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

There isn't much you can do in that situation - other than move the files constantly.

Tip: put advertisment pictures in the old location. Just make the 404 on the old image directory, redirect to you ad picture. Be sure to put the url of your site in the picture.

Or: if you want to be mean, redirect the 404 to some "ugly picture" elsewhere.


5:36 pm on Jun 7, 2007 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

> but I found that sometimes that stopped legitimate serving of images

This is typically caused by a failure to handle blank HTTP_REFERER requests in the anti-hotlinking code. If the code does not allow image requests with blank referrers, then any visitor who comes to your site through a corporate or ISP caching proxy --for example, all AOL users-- will see a broken image.

On the other hand, some of the browsers fetching your images based on a hotlink may also be behind corporate or ISP caching proxies. If you allow blank referrers, they will successfully fetch your image.

So, you have to decide between breaking your own site for some legitimate visitors by blocking blank referrers to completely eliminate the bandwidth loss, or allowing some bandwidth loss by allowing blank referrers so that your legitimate visitors coming from behind caching proxies don't see broken images. Referrer-based solutions cannot be 100% effective, because for a request coming from a caching proxy, the referrer is meaningless and cannot be sent. Similarly, there is no referrer for a direct type-in request because the link came out of the user's memory, or off a slip of paper, bar napkin, newspaper, etc. The HTTP protocol makes no provision for those kinds of referrers... ;)

Nevertheless, if the code is written properly, it will work as described in either case.



8:45 pm on Jun 7, 2007 (gmt 0)

5+ Year Member

I think there are Apache modules to handle bandwidth quotas, e.g. mod_curb (although i've never used it). Another idea: feed all your images through a script that counts the number of accesses and if this reaches a threshold in one day/week/month, redirect requests with a blank referer to a small image that explains the problem. I haven't done this myself, so it's just a thought.


8:55 pm on Jun 7, 2007 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member

isn't there some php script that you can use (just one little line in place of the image url), that checks to see whether it is your own site asking for the image. if it's not, then it won't display.

(...i know we're not supposed to give out urls to other sites, but this guy is desperate for a quick fix, and it's a very long script! so i hope you won't mind.
go to the 'a list apart' website and do a search for smarter image hotlinking prevention)


9:08 pm on Jun 7, 2007 (gmt 0)

5+ Year Member

I have moved the images to a new folder and have redirected any request to old folder to a picture telling viewer that this picture is not available due to change of url. It give the url of my site and ask viewer to visit the site.

It really had a positive effect. I guess I have to move my picture folder constantly :)

But if I do this, will it affect indexing of my images with google image search?


Featured Threads

Hot Threads This Week

Hot Threads This Month