lazytiger Posted December 18, 2005 Posted December 18, 2005 I've noticed that some of my graphics are being hotlinked from other websites, particularly from myspace.com. I have hotlink protection enabled, but it doesn't seem to be stopping these people from doing it. I know there are ways around the protection, but it seems unlikely that that's the case here. I have to wonder if the protection isn't configured correctly. Here's how I have it: Urls to Allow Access: http://lazytiger.com http://rick.lazytiger.com http://webmail.lazytiger.com http://www.lazytiger.com http://www.rick.lazytiger.com http://www.webmail.lazytiger.com Extensions to allow (seperate by commas): [0-9a-zA-Z]+ Url to Redirect to: $1.php Allow direct requests - (option is unchecked) I believe all those settings are just the defaults. I was particularly confused about the "Extensions to allow" part, because it would make more sense if it said "Extensions to DISallow". I don't want any graphics file types to be hotlinked. Or really, I don't see why I would want ANY file to be hotlinked. How would I do that? Also, when listing the URLs to allow, is it possible to use a wildcard? I.e., rather than all those entries, could I just put *.lazytiger.com? Thanks. Quote
Mission Posted December 18, 2005 Posted December 18, 2005 Extensions to allow (seperate by commas): [0-9a-zA-Z]+ Url to Redirect to: $1.php Allow direct requests - (option is unchecked) Thanks. I'm sure the experts out here can help you more, but I don't understand your extensions that you've enabled blocking for -- those should be the extensions of your graphics, like .jpg, .gif, etc. I believe. Also, I'm not sure, but don't you need the full URL to redirect to? I have hotlink blocking on my site for media extensions (videos, audio files) -- .asx, .wmv, .ram, .rm, etc. I'm not sure how it works for images, though. But when people place links to my media files on their web sites, and someone clicks on those links to launch the videos or audio files, their browser opens up my web page instead of launching the media. Quote
lazytiger Posted December 19, 2005 Author Posted December 19, 2005 Thanks, it seems to be working now. Yeah, I don't know what was going on either with the extensions to block (I mean, I know it was a regular expression, but beyond that...). I'm pretty sure that's just what was there by default. I still don't understand why it says "Extensions to allow" instead of disallow or block. Very confusing. Quote
Mission Posted December 24, 2005 Posted December 24, 2005 Thanks, it seems to be working now. Yeah, I don't know what was going on either with the extensions to block (I mean, I know it was a regular expression, but beyond that...). I'm pretty sure that's just what was there by default. I still don't understand why it says "Extensions to allow" instead of disallow or block. Very confusing. I think it refers to Extensions to allow because we specify URLs that we want to have access to those file extensions. Like looking at a half-full glass rather than the half-empty glass type of scenario. (A crude example, but I guess the setup looks at it from that type of perspective -- "I want these URLs to be able to link to these files. Otherwise, block everything else and everybody else." Something like that... ) Quote
zpry Posted December 31, 2005 Posted December 31, 2005 This post certainly caught my attention! I also have hotlinking blocked at my website - and noticed this past month one sound file being loaded over and over from - guess where? myspace.com There was one user there who commented to all his friends blogs with a link to my sound file. The sound file just said "ewwweee" - but after thousands and thousands of loads it really was eating up my bandwidth! I think I discovered it pretty quickly though, because I saw links to a sound file in the recent visitor part of cpanel, without any page referral. I removed the sound file to stop the hotlinking. Now I am getting thousands of 404 error notices. Somehow I was able to find a link to a myspace.com page with a link to my file on it. I viewed the source of the page and studied the link that the guy used to see how he was getting around my hotlink protection. The link had a beginning to it that said something like script=no, then it apparently opened a new window. I am no expert, but here is my guess. I think the no script thing is why I cant see a referrer for most of these hits. I also think the opening of a new window is how they get around the hotlink, because I do allow pasting of the link into a new browser window, and letting visitors access my content that way. I am IRKed about it, but - I don't want to actually do anything, like exchange the sound file with something mean-since that would only bring attention to me out there, and would cause retribution. The guy and all his pals would then link to my other sound files. LOL So, now I am just keeping an eye out for this happening again. I don;t think he realizes yet that the sound file isn't loading. I guess if this happens again, I may have to _Not Allow_ the pasting of the link into a new browser window thing. I wonder if myspace is actually encouraging this sort of thing someplace on their site. The guy that was hotlinking to my sound file didn't seem to have the sophistication (just looking at his blog) to have figured this out on his own. I wonder if there is some way to block links from myspace.com specifically. I certainly have no use for them. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.