Saturday, February 19, 2005

People stealing my bandwidth (and no credit to me!)

I was looking through my web logs recently and found a number of people were displaying my images
on their websites. Sure it is a bit flattering that someone liked my photo of our rug was perfect for the background of their blog or thought that embedding a 1M photo I took of John Kerry and Howard Dean in a high traffic web forums [1 | 2] was a good idea. However they sucked up nearly 200M of my monthly bandwidth quota and didn't even give me credit for the photos. You know, I think that may be the worst part.

So this evening I googled around for the magic Apache configuration commands that would prevent
JPG/GIF images from being embedded in someone else's web page. (ie: one not hosted on

For the record, just pop this in a file named ".htaccess" in the same directory as were the images
are located and it will refuse to let GIF/JPG images to be loaded from other sites.

SetEnvIfNoCase Referer "^http://.*" local_ref=1

<filesmatch ".(gif|jpg)">

Order Allow,Deny

Allow from env=local_ref


Read Ken Coar's Preventing Image 'Theft' tutorial for complete details.