Bubble.ro - because there is always something new to learn about

Leech/HotLink Protection

 

Category: Web technologies

Are you tired of people using your server as a storage space for their pictures on different websites? Use this option to block them from "leeching" your files.

The problem of people "leeching" files has become quite a serious one for some webmasters so it has been developed a solution for them. Servers can be configured to prevent "hotlinks" by using complicated config files .. or even through web interfaces.

CPanel is being used on many web servers (some servers are also using CPanel-like interfaces with similar options though) - which has a very nifty option of turning HotLink protection for your server/domain, setting up exclusions and what page to load in case an user tried to link directly to a file.

Site Management Tools - CPanel

But how does this system really works? Well, it simply checks for the referrer field sent by the browser. If the user came from a page on your server (or on the exclusion list), it is considered "safe" and allowed to view the specified resource, if it is not, the "HotLink" mechanism is triggered.

A simple customized system for hot-linking can be made using a server-side scripting language such as PHP or ASP. In PHP for example, you can create a page which to load a file specified by a parameter and comparing the $_SERVER['HTTP_REFERER'] field with a pattern specified by yourself.

Make sure you do a proper check of the parameter sent! It can be become a SERIOUS security issue otherwise. A simple solution for this would be to have all images/files in a single directory and files contain only letters and numbers, then check the filename sent as parameter using Regular Expressions:

if (eregi("^([a-z0-9]+\.([a-z]{1,3})$", $file))
{
    // load the page
}


Keep in mind that some of your visitors might use referrer blocking programs which will trigger indeed HotLink even if they are visiting the website normally. This is a quite common situation if server is configured with anti-leeching only set for images/video files and might save you from some headaches if your visitors are complaining images are not showing up.

For more informations about this situation check out this article: http://bubble.ro/How_to_block_referrer_detection.html

Related links:

http://www.cpanel.net/docs/cpanel/
http://altlab.com/hotlinking.html
http://altlab.com/htaccess_tutorial.html

Posted by: Indy on February 28, 2006 at 14:48.
 

» Comments

There are no comments for this article.

Random Article


Search


Feeds


Bubble.ro RSS Feed

All Categories


Articles


Aetolia - The Midnight Age
How to create the histogram of an image using PHP
How to convert an image to grayscale using PHP
How to check if an image is grayscale in PHP
Interchanging 2 variables without the use of a third
Error launching browser window:no XBL binding for browser
Convert the AOL user session collection to a MySQL database
Introduction to Matlab
Creating a customized session handling system in PHP (part II)
Creating a customized session handling system in PHP (part I)
Firefox crashing with Yahoo! Messenger
ADL Search for oDC
Video codecs explained
Browsershots
How to use Auto-Away Message with oDC
Create complete Windows XP disk with SP2 and all updates
Data Execution Prevention error message in Windows XP
Google Mars
Logarithmic scale graphs in Excel
Urban Dictionary (or wtf does l33t mean?)
Learn more about BIOS
Backup your Firefox and Thunderbird settings
Syndicate your Yahoo 360 profile
What is Google PageRank?
'Cannot Open the File: Mk:@MSITStore' Error Message
Get your Gmail with Mozilla Thunderbird
E-Books links
Change the size of your Explorer thumbnails
Remove previews from Windows Explorer
How can I turn off system beeps?
How do I disable Internet Explorer?
What are proxies or how do I protect my anonymity?
How to set aliases triggers or macros in MushClient
What is RSS?
Palm Zire 31 fast review
oDC Installation and Basic Configuration
How I built a 2x80W amplifier (using power modules)
Leech/HotLink Protection
How to block referrer detection?
How to find out your IP address
Getting started with Mushclient
What is spyware and how do I protect my PC from it?
Stumble Upon - random surfing around the web
Automatic file backup for Windows users
How can I read foreign language sites?
Protect your web surfing privacy!
What is BitTorrent?
No more ads! Adblock for Firefox
Why use Firefox instead of Internet Explorer?
How do I create my own Yahoo ID?
© Copyright 2006-2017 Bubble. All rights reserved. Sitemap - Contact