Pursuading people with Rewrite rules that "hotlinking" is bad is not malicious, it’s just funny

Earlier this evening while kicking back to a movie (thanks to John P. for helping me figure out my audio), Mailplane + Growl notified me of a new message with a Subject line to difficult to ignore. George from the OS9USER News Room wrote:

We recently did a digg on the article you published on gmail (scams). We dugg your story , and wanted a picture to go with it to publish your digg with our news feeds. Your picture changed when we linked to it with your referring story. The contents of that picture is totally un-exceptable…. so we reported your site to the authorities.

We have only one question ? Why have malicious coding when we digg your story ??? We wanted a picture to include your story In Our News Room, but when our reporter was doing another story, they noticed that your picture had changed. It as a “hot link” to a picture that you used on your story, along with a dugg story …..

When your site saw the referring url from the users explorer, you switched the IMG to another picture.

Note : We dont bow down to anyone. You dont have to answer our email, but tucows , google , yahoo and a few others may ask the same questions. We have a response from Yahoo already. It was quickly answered.

Thanks for the digg on the Gmail phishing email warning. After reading the [above] email, I immediately came to my senses and understood what this comment was all about. Well George, let me introduce you to my little friend – Mr. htaccess Rewrite and the scorned in-law Ms. hotlinking.

What is hotlinking?


Bandwidth theft or “hotlinking” is direct linking to a web site’s files (images, video, etc.). An example would be using an <img /> tag to display a JPEG image you found on someone else’s web page so it will appear on your own site, eBay auction listing, weblog, forum message post, etc.

If you’re publishing content online with an image that is served from someone else’s server, you are "hotlinking" – unless of course you are using an image hosted on public sites like ImageShack, Photobucket, or Box.

I copied an image and it changed after a refresh!

Prior to the public release of Grid Focus, I had created a few Rewrite rules to deal with individuals who had begun distributing the theme without permission. As-is customary for many situations where content is re-used or distributed without permission, images used in the theme were still hosted on the local server. With a few .htaccess rules, anyone can easily serve alternate image for any external requests.

Target specific external domains and serve an alternate image

In order to serve your own "personalized" nohotlink image for specific domains, use:

# STOP hotlinking
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?myspace\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?blogspot\.com/ [NC,OR]
RewriteRule .*\.(jpe?g|gif|bmp|png)$ nohotlink.jpg [L]

This first two lines of code tell the server to replace image requests from myspace.com & blogspot.com. The last line tells the server that for any image filetype request – jpg, jpeg, gif, bmp, and png – serve a personalized nohotlink.jpg image.

Deny all image requests from all domains other than your own

#STOP hotlinking
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com(/)?.*$ [NC]
RewriteRule \.(jpe?g|gif|bmp|png)$ nohotlink.jpg [L,NC]

The above snippet will replace external image requests from any domain other than your own with your own nohotlink.jpg image. Find more examples for preventing hotlinking here.

George, stop misinforming internet users. There are no malicious scripts that swap images here on 5thirtyone.com.

Basically your referring URL (from your explorer) is stored in a cookie, which triggers the script to do whatever. In this case, change the IMG Path to another location. Our IMG=5thiryone.com/… activated a script on that site, that adjusted your screen accordingly. This problem was caught, and luckly did not get out in our feeds what-so-ever.

The only scripts that are activated are the imaginary ones in your head, or ones from your own site.

Take Care of your Hosting Issues

Make sure no one is hotlinking your images and get the best website hosting today. If you make sure to use one with dedicated servers you’ll be sure to avoid some major hosting headaches down the line. Get better hosting for your website!

Discuss - 31 Comments

  1. Joshua says:

    Caught a laugh at this when I saw it on Twitter earlier.

    http://5thirtyone.com/nohotlink.jpg – lol

    Derek, how do you handle when you’d like to post an image in a forum or some other place? Do you just host it elsewhere? Or add an exception rule to your htaccess?

  2. Derek says:

    There are only a small number of domains that I filter. However, for serving images on forums and the like, I usually turn to Flickr. If I’m using Pro, I might as well use the service for what I pay to use it for.

    Glad you had a laugh at the nohotlink image. 😉

  3. Andre says:

    I guess he should be glad he’s not this guy, eh?

  4. Ian Smith says:

    I like what he says about it on his site. In the words of Mr. T, I pity the fool. Although I agree with what was said on flickr, goatse may have been in order. Muahaha

  5. Brendan says:

    “Dear sir, I’m stealing your content and making you pay for the hosting I’m too lazy/ stupid to organise; please don’t highlight that I am indeed an asshat for a) hot-linking, b) being caught and c) being laughed at by others..”

    Some people really do waste oxygen.

  6. Ben Bleikamp says:

    For being such a reputable news source they have some of the worst spelling and grammar I have ever seen. Oh, and they’re too cheap to buy their own domain and hosting.

  7. Stefan says:

    I found out it’s better for my bandwidth to serve to these guys not an insult, I use an 1×1 px blank GIF instead. They can’t see my image and don’t take much bandwidth.

  8. Adam C. says:

    I think before we all crucify this kid we should step back for a moment and remember a time when we all weren’t as internet savvy as we are.

    Here’s the Blogger upload image form:

    Off to the right there it has a dialog to directly link to an image’s URL. I’m not saying hotlinking is okay I’m just saying that a kid who doesn’t know any better could look at that dialog and think “Hey, there’s a way for me to share this image…” Doesn’t make it right, but it does make it understandable. You know, sorta…

    After I talked to him for a bit he understood that Derek hadn’t “hacked” him, and he now knows that he shouldn’t directly link to other people’s images. Again, I’m not condoning his actions, I’m just pointing out that he clearly didn’t mean any harm, and (I think) he’s all straightened up.

  9. Adam C. says:

    Ooops, sorry I guess you can’t upload images… sorry bout that… here’s the link to it:
    Blogger Pic Upload Form

  10. Sam Lu says:

    Is it a coincidence I read this after finding out someone stole a blog post of mine? No, I think it’s fate.

  11. WOW what a dumbass… but I will say that is an awesome trick!!

  12. Jordan says:


    I think the funniest thing about this is that because he honestly believed that because he dugg your article that he was entitled to your bandwidth as well.

    Oh, by the way Derek. I like your site too… Mind if I get FTP access so I can store some files on your server? I can digg some of your content in trade for storage space. Thanks ahead of time.

  13. Jordan says:

    Ugh, terrible grammar above… I meant that to say:

    “I think the funniest thing about this is he honestly believed that because he dugg your article that he was entitled to your bandwidth as well.”

  14. Tom says:

    Would you be stealing from Gruber if you named this guy jackass of the week?

  15. Dan says:

    Haha, I’m glad I’m not George. I would feel like a complete idiot at this moment if i was him.

    and from his website,
    “ALERT : 5thirtyone.com sends malicious code thru it’s pictures , somehow he changed my picture in blogger , on this article. The story was a digg from that site. The link has been removed, and the site reported to the authorities. I will find future updates on this story elsewhere, Google is investigating this entire mess, as I post this online.”

    I wonder what you have been reported to the authorities for, Derek.

  16. TheUprock says:

    Haha, George. GG, moron.

  17. Nice hotlinking image 😉

    I still have to implement this sometime…

  18. Tom says:

    George’s version of a retraction:


    Being an idiot (and having such a glowing turd of a site) is morally reprehensible, George. But at least you learned ya about some hotlinking.

  19. Myles says:

    OS9user’s website is an eyesore. There are ads and animations everywhere! And he talks as if people read his website (which is even funnier!). It looks as bad as an average MySpace page.

    Is it just me or is it not possible to right-click (and pull up a menu) on his website in Firefox? I don’t want to imagine visiting that website in IE!

  20. Myke says:

    I think I damaged my retinas looking at that page…