David Dallet’s weblog

Here is a method to use to protect yourself against the effect of abusive hotlinking.

You have to know what is hotlinking (or “direct linking” or “inline linking”) and you should have some web hosting related skills. I’ve written a more detailed post in French.

Before choosing to use this method, you have to be sure that you did your possible to contact the webmaster of the infringing site and to explain the problem. You have to identify each infringing website humanly (using your logs) : don’t rely on a too simple .htaccess Apache mod_rewrite rule if it may cause problems to readers accessing you rss/atom feeds through Google Reader, Netvibes, or any Web-based aggregator.

Well known methods

Well known methods using .htaccess include :

• forbidding users to get the image/ressource if the browser send a referrer associated to the infringing website
• replacing the picture with another one : you can alert the readers of the infringing website

The 401 HTTP Status Method

You can easily use the 401 HTTP Status to send a message to visitors of the infringing website.

The PHP code follows :

<?php
  header('WWW-Authenticate: Basic realm="Go to http://hotlinking.example.net/ (abusive use of our content/hotlinking issue)"');
  header('HTTP/1.0 401 Unauthorized');

You may use a .htaccess Apache mod_rewrite rule to execute the PHP code to answer requests associated to the specific referrer field.

The result looks like that (in firefox) :

Demo

You can view how you browser reacts to the previous 401 HTTP Status by visiting this demo post (use password “iwanttotest”, without quotes).