on their websites. Sure it is a bit flattering that someone liked my photo of our rug was perfect for the background of their blog or thought that embedding a 1M photo I took of John Kerry and Howard Dean in a high traffic web forums [1 | 2] was a good idea. However they sucked up nearly 200M of my monthly bandwidth quota and didn't even give me credit for the photos. You know, I think that may be the worst part.
So this evening I googled around for the magic Apache configuration commands that would prevent
JPG/GIF images from being embedded in someone else's web page. (ie: one not hosted on
nozell.com)
For the record, just pop this in a file named ".htaccess" in the same directory as were the images
are located and it will refuse to let GIF/JPG images to be loaded from other sites.
SetEnvIfNoCase Referer "^http://.*nozell.com/" local_ref=1
<filesmatch ".(gif|jpg)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
Read Ken Coar's Preventing Image 'Theft' tutorial for complete details.
Marc,
ReplyDeleteI had a similar problem, though not quite as severe. I used mod_rewrite to serve up a "bandwidth thief" image instead of just denying the request. My .htaccess file looks something like this:
> more .htaccess
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://gammatron.novarese.net.*$ [NC]
RewriteRule .(gif|jpg|png)$ http://gammatron.novarese.net/images/site/bandwidth.
jpg
Oooh! I like that idea. Something that leaves more than an empty image but says "stop that" in a nice graphical way. It would almost be worth any bandwidth you lose!
ReplyDeleteI wrote a similar htaccess rule because one image of mine from Finding Nemo was a top ten on Altavista's image search for "Nemo". Hundreds of hits per week just from searching for Nemo. Internet-wide you'd be surprised how many people type that in at AltaVista in a given week. :)