HowTo: Prevent Bandwidth Theft or Hotlinking
17 Comments September 6, 2007 1454 Views
Hotlinking, inline linking, direct linking, leeching or bandwidth theft. Call it whatever you want but it all means the same thing, the loss of precious bandwidth. Bandwidth theft is very rampant in the world wide web.
If you don’t pay for hosting or don’t have any bandwidth limits, then you might not be worried about it. But to those who pay for web hosting, especially those who have a small monthly bandwidth limit, every byte counts. You wouldn’t want to exceed your limit because other people are using up your bandwidth by hotlinking your files, right?
One way of protecting your files from hotlinking is by inserting certain rules in your .htaccess file. In the following examples, the files being protected are image files. You can change them to any file formats that you wish to protect.
NOTE:
For WordPress users, you can insert these lines of code right before the line # BEGIN WordPress in your .htaccess file. Make sure you make a backup of your .htaccess file before editing it.
Block a specific domain
This code will return a 403 Forbidden Error instead of the file only when the image is requested by the specified domains in this example: domain.net & domain.com
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(www\.)?domain\.net/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?domain\.com/ [NC]
RewriteRule \.(jpeg|JPEG|jpe|JPE|jpg|JPG|gif|GIF|png|PNG|mng|MNG)$ - [F]
Block all domains
This code will return a 403 Forbidden Error instead of the requested file to all domains except domain.com, which should be changed to the domain name of your site or where the file is used.
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(jpe?g|gif|png)$ - [F]
If you already have disabled hotlinking or activated a anti-hotlinking measure, then good for you! If not, then you should. You wouldn’t want to lose precious bandwidth to hotlinking don’t you?
To check if your files are safe or if your hotlinking measures are working, check out this free online anti-hotlinking testing tool. If you’re worried about messing with your .htaccess file, you can try this .htaccess editor that’s recommended by AJ.
I’ve had several experiences of bandwidth theft and people hotlinking to my images. Well, that was before I disabled hotlinking. Now, I don’t even worry about it. How about you, have you had any experience of someone hotlinking your files? What did you do about it? What are the anti-hotlinking measures you’re taking? Tell us about it.
(3 votes, average: 5 out of 5)
Loading ...
Hello and welcome to JaypeeOnline! My name is Jaypee Habaradas and I'm the author of this blog that talks about the latest blogging news, WordPress theme and plugin reviews, technology, gadgets and tips & tricks.
i was using a similar code in the htaccess. in addition, the code allows me to restrict hotlinking in a specific folder only. however, i decided to remove the code because it tends to mess up my rss sometime.
@iRonnie - Yeah, I forgot to mention about that. Allowing or restricting access to files in a certain folder.
I never had any problems with images in my RSS feeds even after using these rules in my .htaccess file. Btw, which rule did you apply?
i’d probably try this. my bandwidth consumption is now over 50% of my limit. will it be because google displays my images on it’s search page?
@mr nice ash - How much is your monthly bandwidth limit? I’m not sure about this but I think the images that Google display in it’s search results are cached so it doesn’t really eat up much bandwidth from you unlike if the file is directly hotlinked.
There are other things that eat up your bandwidth, stuff like WordPress plugins that are not properly coded, unnecessary codes in your php files, etc. So you’ll have to check these out one by one an d determine the ones you can eliminate. I know it’s a tedious job but you’ll have to do it if you want to optimize your bandwidth usage.
i cant seem to find my reference for the code i used because i have already removed it from my htaccess. but i do remember it came with a code like this:
RewriteEngine onRewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ http://www.mydomain.com/angryman.gif [R,L]
substituting an anti-linking image of your choice.
@iRonnie - I see. In my case, I just block other domains from hotlinking to my files and I don’t use the anti-linking image.
As far as I know, these rules shouldn’t mess the RSS feeds. What if you try a different rule? Or try this one:
RewriteEngine OnRewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(jpe?g|gif|png)$ images/no_hotlink.jpg [L]
Let me know if it works or not.
nice one for this … this will greatly help my bandwidth.
really hate when someone do this stuff…
tnx for this..
@Ronald - You’re welcome! I’m sure everyone hates hotlinking except for those persons who do it themselves. Hehe Thanks for dropping by.
ei jaypee, I tried using this anti-hotlinking code. I did check my feedburner today and was shocked by the number of feeds that was lost, is it really messing up the feeds?
@derek - Hi! Which rule did you use? As what I told iRonnie, I’ve never had these problems with my RSS feeds when I implemented this rules in my .htaccess file. And based on principle, these rules only protect your files from direct linking via http and doesn’t protect your files via RSS feeds.
Have you tried removing the anti-hotlinking rules from the .htaccess file and checking your RSS feeds? Let me know of any developments or if you’re still experiencing the same problem.
I used the block all domains rule, I took it out and then the feeds eventually shows up.
I agree that it shouldn’t mess up the feeds but for some weird reason that happened to me. Hmm maybe I’ll try it again after a few days. Thanks for this post!
@derek - I see. I guess you shouldn’t implement it for now. Yeah, it should mess up your RSS. I guess it has something to do with your blog setup or settings.
I’ll try to do some research and find out what causes that issue and maybe come up with a fix. You’re welcome!
thanks for sharing jaypee. i have read about this somewhere on codex.wordpress.org but i really never paid attention about hotlinking. i’ll use this na talaga dahil maraming naghahotlink sa mga images ko
@Beng - You’re welcome Madam Hafner! You mentioned that there are many hotlinks to your images, I’m sure it eats up a considerable amount of your bandwidth so you really should have some sort of anti-hotlinking measure on your blog.
Btw, how’s it with the pyscho designer? She still bothering you? Hehe
I actually have no bandwidth problem so far dahil di naman famous ang site ko
and besides, I have 2,000GB volume transfer monthly. Pero kahit na ganun I still have to apply this piece of code dahil dumadami sila eh, Kitang-kita doon sa access stats ko.
Regarding the pyscho designer, hehehe natahimik na siya. Pero di pa rin nag apologize hanggang ngayon. Well, bahala na siya sa buhay niya. Tama na sa akin na ipinamukha ko sa kanya ang tutuo. I take it for granted she’s the kind of person who can not accept mistake.