Industry guru Dave Taylor offers tech support on technical and business topics, including iPhone, iPod, Microsoft Windows, Sony PSP, cellphones, online advertising, CSS, Web design, business, Unix, Linux, SEO, Mac OS X, and shell script programming.     


Can you prevent people from linking to the media on your Web site?

A friend writes:
I'm finding that some number of people are hosting my Janet Jackson "movie" by simply linking it in from their sites, meaning *I* get to pay for the bandwidth. Is there some way to prevent this?
Dave's Answer:
Here's what I'd do:
  1. Change your pages to refer to something called, say,

        jjackson-movie.cgi

  2. then have a script called that that essentially does this:

      echo "Content-type: image/swf";
      if [ $HTTP_REFERER != $yourdomain ] then
        stream bogus-film-for-other-folk
      else
        stream real-janet-jackson-movie
      endif

Well, it's slightly more complicated than that, but not by much. My only concern would be that some % of browsers don't send referrer information so for them, even if they viewed it on your page, it'd break.

Another strategy would be to have the page that includes the movie dynamically generated to include a timestamp, then this script checks to see if the timestamp is less than, say, two hours old. That'd involve two scripts instead of one, though: one for the page that contained the link, and one for the actual delivery of the movie itself.

Related HTML, JavaScript and Web Site Programming articles:
✔   How to Create Predefined Google Image Search Links?
Thanks for the Amazon URL [see Creating Amazon Search Links]. That worked beautifully. In fact, I sent you $5.00 for coffee in thanks....
✔   Can I embed a Facebook search box on my blog site?
I've seen your articles about how to add a Twitter or Google search box on a Web page, but I have a tougher...
✔   Can I use CSS for drop shadows on my blog?
I want to give my site a bit of a facelift and add some neat graphical elements. One of which is drop shadows....
✔   How can I embed interactive photo panoramas on my site/blog?
I read through your blog entry about how to take panoramic photos with iOS 6 and an iPhone 5 and got enthused. I've...
✔   How can I create a Twitter search URL shortcut?
I'd like to add a few Twitter search links to my Web site. Is that possible, or does Twitter prohibit this sort of...
Let's stay in touch!
Sign up for my weekly AskDaveTaylor Newsletter and you'll receive even more tech and gadget help right to your inbox, along with exclusive news and industry updates. It's good stuff. I promise!
    Enter your name: and your email addr:  




Categorized: HTML, JavaScript and Web Site Programming , Shell Script Programming   (Article 3682, Written by )
Tagged:
Previous: How do I add a custom 404 error page?
Next: Incorporating data from Movable Type into your Web Pages




Reader Comments To Date: 3

Will Bontrager said, on February 24, 2004 9:54 AM:

To ensure those without referring information, a null or empty $HTTP_REFERER could go ahead and stream the real thing. The remote page will get the file for some browsers, but will be broke for others.

Dave Taylor said, on February 24, 2004 1:01 PM:

That's a logical and sensible solution, Will. Hmmm.... now why didn't I think of that?? :-)

Rob said, on February 17, 2007 4:49 AM:

If your server allows it, a better solution here is to use .htaccess. Being a lazy linux admin, it's much easier to manage a centralized file than to put the code in multiple files where hotlinking needs to be prevented (the server does less work here to). Since this still relies on $HTTP_REFERER, you should keep an eye out in your access_log, then just block the baddies completely using $REMOTE_ADDR or $REMOTE_HOST

#-----Prevent hot linking of images and other file types----------
#requires mod_rewrite
#The next 2 lines may also be required depending on your apache setup
#Options +FollowSymlinks
#RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
RewriteRule \.(jpg|gif|js|css|swf)$ - [F]

#-Or serve up something else to the hot linkers
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
RewriteRule \.(jpg|gif|js|css|swf)$ busted.html [R,L]

Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you, Dave, for all your helpful information by buying you a cup of coffee!

I do have a comment, now that you mention it!











I will never send you any unsolicited email. Ever.






Check This Out Too...

 
Recent Entries
Look for Answers
Recommended
Need Help? Ask Dave Taylor!
All Our Categories


Follow Me on Pinterest

Find Me on Google+
ADT on G+
© 2002 - 2013 by Dave Taylor. All Rights Reserved.

Note: This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this web site or on any linked site. Further, please note that by submitting a question or comment you're agreeing to my terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site. My lawyer says "Thanks".
"Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.