Pursuading people with Rewrite rules that "hotlinking" is bad is not malicious, it’s just funny

  • August 22nd, 2007

Earlier this evening while kicking back to a movie (thanks to John P. for helping me figure out my audio), Mailplane + Growl notified me of a new message with a Subject line to difficult to ignore. George from the OS9USER News Room wrote:

We recently did a digg on the article you published on gmail (scams). We dugg your story , and wanted a picture to go with it to publish your digg with our news feeds. Your picture changed when we linked to it with your referring story. The contents of that picture is totally un-exceptable…. so we reported your site to the authorities.

We have only one question ? Why have malicious coding when we digg your story ??? We wanted a picture to include your story In Our News Room, but when our reporter was doing another story, they noticed that your picture had changed. It as a “hot link” to a picture that you used on your story, along with a dugg story …..

When your site saw the referring url from the users explorer, you switched the IMG to another picture.

Note : We dont bow down to anyone. You dont have to answer our email, but tucows , google , yahoo and a few others may ask the same questions. We have a response from Yahoo already. It was quickly answered.

Thanks for the digg on the Gmail phishing email warning. After reading the [above] email, I immediately came to my senses and understood what this comment was all about. Well George, let me introduce you to my little friend – Mr. htaccess Rewrite and the scorned in-law Ms. hotlinking.

What is hotlinking?


Bandwidth theft or “hotlinking” is direct linking to a web site’s files (images, video, etc.). An example would be using an <img /> tag to display a JPEG image you found on someone else’s web page so it will appear on your own site, eBay auction listing, weblog, forum message post, etc.

If you’re publishing content online with an image that is served from someone else’s server, you are "hotlinking" – unless of course you are using an image hosted on public sites like ImageShack, Photobucket, or Box.

I copied an image and it changed after a refresh!

Prior to the public release of Grid Focus, I had created a few Rewrite rules to deal with individuals who had begun distributing the theme without permission. As-is customary for many situations where content is re-used or distributed without permission, images used in the theme were still hosted on the local server. With a few .htaccess rules, anyone can easily serve alternate image for any external requests.

Target specific external domains and serve an alternate image

In order to serve your own "personalized" nohotlink image for specific domains, use:

# STOP hotlinking
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?myspace\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?blogspot\.com/ [NC,OR]
RewriteRule .*\.(jpe?g|gif|bmp|png)$ nohotlink.jpg [L]

This first two lines of code tell the server to replace image requests from myspace.com & blogspot.com. The last line tells the server that for any image filetype request – jpg, jpeg, gif, bmp, and png – serve a personalized nohotlink.jpg image.

Deny all image requests from all domains other than your own

#STOP hotlinking
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com(/)?.*$ [NC]
RewriteRule \.(jpe?g|gif|bmp|png)$ nohotlink.jpg [L,NC]

The above snippet will replace external image requests from any domain other than your own with your own nohotlink.jpg image. Find more examples for preventing hotlinking here.

George, stop misinforming internet users. There are no malicious scripts that swap images here on 5thirtyone.com.

Basically your referring URL (from your explorer) is stored in a cookie, which triggers the script to do whatever. In this case, change the IMG Path to another location. Our IMG=5thiryone.com/… activated a script on that site, that adjusted your screen accordingly. This problem was caught, and luckly did not get out in our feeds what-so-ever.

The only scripts that are activated are the imaginary ones in your head, or ones from your own site.

Take Care of your Hosting Issues

Make sure no one is hotlinking your images and get the best website hosting today. If you make sure to use one with dedicated servers you’ll be sure to avoid some major hosting headaches down the line. Get better hosting for your website!