Industry guru Dave Taylor offers free tech support on a wide variety of technical and business topics, including HTML, Apple iPhone, online advertising, Cascading Style Sheets, Web design, management, Unix, Linux, search engine optimization, online dating, Mac OS X, shell script programming and Microsoft Windows.

Can you prevent people from linking to the media on your Web site?

A friend writes:
I'm finding that some number of people are hosting my Janet Jackson "movie" by simply linking it in from their sites, meaning *I* get to pay for the bandwidth. Is there some way to prevent this?
Dave's Answer: Here's what I'd do:
  1. Change your pages to refer to something called, say,

        jjackson-movie.cgi

  2. then have a script called that that essentially does this:

      echo "Content-type: image/swf";
      if [ $HTTP_REFERER != $yourdomain ] then
        stream bogus-film-for-other-folk
      else
        stream real-janet-jackson-movie
      endif

Well, it's slightly more complicated than that, but not by much. My only concern would be that some % of browsers don't send referrer information so for them, even if they viewed it on your page, it'd break.

Another strategy would be to have the page that includes the movie dynamically generated to include a timestamp, then this script checks to see if the timestamp is less than, say, two hours old. That'd involve two scripts instead of one, though: one for the page that contained the link, and one for the actual delivery of the movie itself.



Help others find this article at Del.icio.us, Digg, Netscape, Reddit, and Stumble Upon    
Categorized: HTML and CSS , Shell Script Programming   (Article 3682)
Tagged:
Previous: How do I add a custom 404 error page?
Next: Incorporating data from Movable Type into your Web Pages

Subscribe!

Never miss another useful Q&A article again! Subscribe to AskDaveTaylor with Google Reader.

Comments

To ensure those without referring information, a null or empty $HTTP_REFERER could go ahead and stream the real thing. The remote page will get the file for some browsers, but will be broke for others.

Posted by: Will Bontrager at February 24, 2004 9:54 AM

That's a logical and sensible solution, Will. Hmmm.... now why didn't I think of that?? :-)

Posted by: Dave Taylor at February 24, 2004 1:01 PM

If your server allows it, a better solution here is to use .htaccess. Being a lazy linux admin, it's much easier to manage a centralized file than to put the code in multiple files where hotlinking needs to be prevented (the server does less work here to). Since this still relies on $HTTP_REFERER, you should keep an eye out in your access_log, then just block the baddies completely using $REMOTE_ADDR or $REMOTE_HOST

#-----Prevent hot linking of images and other file types----------
#requires mod_rewrite
#The next 2 lines may also be required depending on your apache setup
#Options +FollowSymlinks
#RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
RewriteRule \.(jpg|gif|js|css|swf)$ - [F]

#-Or serve up something else to the hot linkers
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
RewriteRule \.(jpg|gif|js|css|swf)$ busted.html [R,L]

Posted by: Rob at February 17, 2007 4:49 AM

I have something to say, now that you mention it, but ...
Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you for all your efforts on this Web site by buying you a cup of coffee!

I do have a comment, now that you mention it!











Remember personal info?


Please note that I will never send you any unsolicited email. Ever.

While I'm at it, please note that by submitting a question or comment you're agreeing to my terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site.








Ask Dave Taylor: The iPhone App: Advertisement



Follow me on Twitter @DaveTaylor

Search
Find just the answers you seek from among our 2300+ free tech support articles by using our Lijit search engine.


Help!
Ask Dave for Help!




Link To Dave!
• Buy Dave a Cuppa •
Media Queries

Subscribe to
Ask Dave Taylor!

Add to Google Reader
Add to My Yahoo!
Subscribe in NewsGator Online

RDF   XML

Free Updates!
Sign up and get free weekly updates and special offers on books, seminars, workshops and more.

Complete Archives

Recent Entries
Book Links
CIG Growing Your Business with Google
Creating Cool Web Sites
Wicked Cool Shell Scripts
Learning Unix for Mac OS X Panther
Solaris 9 for Dummies
Teach Yourself Unix System Administration in 24 Hours
Teach Yourself Unix in 24 Hours
Creating Cool HTML 4 Web Pages
Dynamic HTML Weekend Crash Course
film blog - social media / blogging speaking - business blog - Colorado photography - free tech support
© 2002 - 2010 by Dave Taylor. All Rights Reserved.

Note: This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this web site or on any linked site.

[whiteboard marker tray]
"Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.