Dusting My Brain: MySpace.Com Users and Hotlinking

« Belated and Otherwise | Main | Congrats to Zoe! »

February 19, 2006

MySpace.Com Users and Hotlinking

I've had to remove photographs from both my blog and Photo Gallery thanks to some users of myspace.com. The little varmints seem to have no idea how to save an image to their desktop and instead hotlink to my photos. Though it's nice they like the photographs, it's not nice that they hotlink. For those who don't know what hotlinking is, it's when someone links directly to an image (for example, linking to http://dustingmybrain.com/images/blah.jpg,) instead of saving that image to their own desktop and putting it on their hosting company's server (http://profile.myspace.com/user0000/etc. ) and linking to it in that manner.

The process for using an image is pretty straightforward: if it's available for public use, download/save to your desktop and put it on the server that hosts your web site and if required, include attribution and copyright information when using it. A no brainer, right?

Places like Google images don't help, since the only notice they give is Image may be scaled down and subject to copyright. In doing a search on Google for one of my images -- this one -- if you click on the link to see full-size image (though I recently removed this one from the server), there is no visible copyright information or anything else. I shouldn't have to begin adding copyright or other information right on the photograph in order to get people to stop hotlinking. I think Google could help those of us who post photos that have Creative Commons licenses, copyright, etc. by discouraging folks from hotlinking.

From a technical standpoint, I know there is a way to deny the users of myspace.com from hotlinking to the images via htaccess... though I'm not exactly sure where to add that and what to put in the file. I recently had to use htaccess in an attempt to stop a certain IP address from continually accessing a file that doesn't exist anymore since the accesses were almost every second. In addition to that, I also need to insert a redirect into the htaccess file for another issue. For those who are thinking I should do modrewrite, I would but it is way over my head unless one of you technical geniuses wants to walk me through doing it. I'm digressing here, so let me get back to the main issue of hotlinking to images.

I don't want to stop putting images on my blog or have to take the Photo Gallery down, but it would be great to not have to check the raw logs every day and remove images because the myspace.com users continue to hotlink to my photos. All recommendations on how best to deal with this would be greatly apprecicated.

Cindy

Comments

If you want the step by step guide, I can try and dig it up. I used to use it on my home server because some b*gge*r in Europe used one of my images as his icon in a forum and he used to post 40-50 messages a day in the forum. Everyone reading it was pulling the image off my server. When I made the changes, he (or she) complained to me...

Brain matter deposited by: Ozg on February 19, 2006 4:48 PM

The hotlinking protection is easy enough - a sample (that may need tweaking :) ) is on it's way now. Send me your other redirect requirement and I'll work out what you need.

Cheers!

Brain matter deposited by: Greg on February 19, 2006 10:17 PM

This may or may not help - but it's clever.

use the ForceType directive for Apache within a FilesMatch directive. You can put this in .htaccess if AllowOverride All is set. (Sorry for the geekspeek - all these terms are documented at apache.org).

Your comment editor is probably going to mangle the following example, but here goes -

ForceType "image/jpeg"

Now rename your hotlinked image files into something.exe and change the link in your webpage(s).

It solves the immediate need because the file is renamed and the prior hotlinks are going to fail.
Your viewers will see the image because the webserver is insisting it's a jpeg (which it actually is).

The clever part? Nobody in their right mind is going to link to a dot-exe file in an img tag... They'll be so bothered at the prospect that they'll either spend the next month figuring out what you did, or they'll drop the idea completely. Either way, the goal is accomplished.

You could also inject some policy by using something creative like '.hotlinkers_will_be_shot' as an extension instead of '.exe'.

I've seen the alternative solutions and they all use the referer (referrer, reefer, whatever) to limit access. Only problem is that it's totally unreliable. This is equally as unreliable, but a bit more fun.

Brain matter deposited by: mike on February 19, 2006 10:57 PM

As I suspected the tags got stripped.

[lessthan]FilesMatch ^(.*)exe [greaterthan]
ForceType image/jpeg
[lessthan]/FilesMatch[greaterthan]

Brain matter deposited by: mike on February 19, 2006 11:00 PM

Mike - thank you for ALL that info -- it's WAY above my head though... I am completely unfamiliar with Apache as far as putting in any type of code, and honestly don't want to play with it since I'm not a geek. :-)

As far as the hotlinked images are concerned, I deleted the images from the server as well as the posts they were in (on the Photo Gallery, that is) -- I've put in a robots dot txt file to deny google images from both my sites. We'll see if that has any effect, otherwise, I'll have to find other options. Thanks again for helping though! (p.s. I still need your vote in the contest, btw.)

Greg - thank you for the email! I think the code you sent is to be used with mod rewrite, which I have absolutely zero clue about. The only thing I'm vaguely familiar with is the htaccess...
however, the redirect thingie I will send you info on. Thank you again for helping!

Oz - step-by-step would be helpful and it sounds as though what you went through is exactly what I'm experiencing. Thanks for the offer!

Brain matter deposited by: Cindy on February 20, 2006 8:55 AM

Look at all the knights in shining armor, would ya? I'm of no help whatsoever but it looks like you're pretty well covered. ;-)

Also nothing is a no brainer when it comes to computers. I have to explain things to my mother all the time that I would consider pretty straightforward, and I'm not even a computer geek.

The people I worked with in Houston had a hell of a time understanding that a long distance phone number would be long distance on the fax machine as well. Ha.

Brain matter deposited by: Kat on February 20, 2006 2:04 PM

Kat: Knights in shining armor are a very good thing, even if they don't come around all that often, I'm very grateful that they did!

Aren't you glad you're not in Houston anymore? ;-)

Brain matter deposited by: Cindy on February 20, 2006 3:04 PM

Whilst searching for other material, I just found a way to completely absolutely 100% eliminate image hotlinking. OK, the downside - it won't work on IE.

That's OK by me (for those who don't know, I was at Netscape during the browser wars).... :-)

You can embed an image into a webpage. Somebody can still save it, but they can't link to it. It has no URL outside the page it is defined on. I remember this RFC from long ago...

Anyway check it out over on http://en.wikipedia.org/wiki/Data:_URL

I could whip up a PHP script in about ten minutes. Doubt if that will help you today because I don't know if you've got PHP or how to tie this method into MT. But it exists and it's the perfect solution to hotlinking.

Brain matter deposited by: mike on February 21, 2006 7:21 PM

/head spins like Linda Blair after reading Wiki.

:-)

Brain matter deposited by: Cindy on February 22, 2006 12:58 PM