1 reply to this topic

[jsmoriss]

I recently found a site that had linked an image of mine on one of their pages - using my bandwidth to display their page! I noticed this by seeing a GET for an image with a referer that wasn't one of mine. So, I went looking for a solution and found the following. It works quite well and thought I'd share. :-) Note that this doesn't prevent someone from 'stealing' your images, just linking them directly from their pages. They can still download 'em and host the image on their server. The idea here is to prevent bandwidth theft, not image theft. :-)

The following can be used in an apache config file, including a .htaccess.

SetEnvIfNoCase Referer "^https?://([^\.]*\.mv|mv)pi(x|cs)\.com" allow_img
SetEnvIfNoCase Referer "^$" allow_img

<FilesMatch "\.(gif|png|jpe?g)$">
    Order   deny,allow
    Deny    from all
    Allow   from env=allow_img
</FilesMatch>

I've optimized the SetEnvIfNoCase regexp somewhat. The following will work also:

SetEnvIfNoCase Referer "^http://mvpix.com" allow_img
SetEnvIfNoCase Referer "^https://mvpix.com" allow_img
SetEnvIfNoCase Referer "^http://www.mvpix.com" allow_img
SetEnvIfNoCase Referer "^https://www.mvpix.com" allow_img
etc...

LateR!
js.

[acroporas]

My hosting server has a built in function that lets you list which sites are allowed to use the pictures and block all requests from everyone else.