Using Mod ReWrite to Prevent Hotlinking

So like most, I have issues with people using my images but being to lazy to do a right click...Save as.

So I have added a Mod ReWrite to my htaccess:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com(/)?.*$     [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?forums.mysite.com(/)?.*$     [NC]
RewriteRule .*\.(gif|jpg|jpeg|bmp)$ - [F,NC]

Code (markup):

Is there a downside to this? I don't care about Google Images as its not a site that can benefit from that.

Cheers

 

Froogle and other shopfeeds should be allowed too if applicable. Though some store their own thumbnail.

 

I also just added an image so it doesn't come back 404

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com(/)?.*$     [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?forums.mysite.com(/)?.*$     [NC]
RewriteRule .*\.(gif|jpg|jpeg|bmp)$ http://www.mysite.com/image-not-available.jpe [R,NC]

Code (markup):

I don't use Froogle (Never get a response back) so it shouldnt be an issue. I will keep that in mind if I go that route though

 

Hmmm Froogle gives me loads of sales. Anyway, a lot of sites use that script so shouldn't be any issues.

BTW what's the easiest way to detect hotlinking?

 

I found it in my logs. I would be interested in a tool that checked for it automatically although I haven't seen anything

 

I do the same, except I allow google images and all the various other image searches as I get most of my hits from those.

I use a nice image with the url of the site to show instead and I think that gives me quite a few hits too.

 

Keep in mind that some browsers allow you to disable referrers ... so for those surfers, they won't be able to see your images ... I don't think there is any "good" solution to this problem short of somehow checking to see if the same dude just loaded the referencing HTML file ....

 

If your provider has cPanel there is a link: 'HotLink Protection' to protect against remote linking.

 

Correct me if I'm mistaken, but cPanel (and the other auto-admin tools) basically work the same way as previousely shown with the .htaccess file - i.e. basically look at the referrer string and make sure it's coming from the same domain (?)

 

My htaccess code looks like this

My question, does it matter that I use the slash after the domain without brackets? I.e. "your_domain.com/" instead of "your_domain.com(/)"?

And how about that second "?" after the domain?

 

You're right, but I allow requests with no refer, and so do the code pasted in this thread (the RewriteCond %{HTTP_REFERER} !^$ part.)