Let’s start by explaining this term for those that aren’t so familiar with it.
Hot linking – Hot linking is when another site links directly to an image, document, movie, file and so on. Resulting in users from their site being able to download the resource without consuming the resources of said web site, resulting in lose of resources from target site and no traffic gain from the linking.
What does this really mean?
Let’s say that we have a site about cars, and the site contains a great deal of useful information about cars including; images, documents, videos, music and so on... Then we have another site, a competitor, which deals with cars also and wants to offer the exact same content on their site, but doesn’t want to deal with hosting them and the cost that may be involve. So the competitor will link directly to their opponent’s resources, so they do not have to host them on their own server, resulting in the opponent’s site loosing resources and money due to the competitor linking directly to their resources.
That doesn’t seem very nice, does it?
Now to most users, this sounds bad and they’d love to find out how to stop it. But we first must find out how to stop it. So let’s take a look at different ways to find out if it’s even happening to us.
Am I Being Hot Linked?
Probable the easiest way to determine this would be a spike or jump in bandwidth consumption for a given month. Many sites that are victims of hot linking will notice a large jump in bandwidth consumption, resulting in overages and other penalties and fees, depending on the current host. This is where the major problem lies with hot linking, that and in most cases it’s a copyright violation.
Probable the most effective way of determining if someone is hot linking our files, would be to check our statistics programs that run on our servers. The statistic programs log just about everything that goes on with a site. If a program similar to this isn’t available, then by all means install one or speak with your host about getting one installed. In many cases a user can install these themselves, and most of them are free or open source.
Most statistic programs come with some sort of incoming URL tracking system that will allow us to determine which sites are linking to our site and which parts of the site they are linking to. This is the section we’d like to check out, as it will show us where other sites are linking to on our site and if they are directly linking to a file, it should show up in this section.
Awstats is a very popular statistic program that comes included with most cPanel hosting packages. More information on Awstats and how to read it properly can be found here: Awstats Explained
I’m Being Hot Linked, Help!
Now that we’ve determined that sites are hot linking our files, we need to determine how we can stop the current site from linking directly to our files and also prevent this from happening again in the future.
Obviously an email to the owner of the site linking directly to our files would be our first step. Simply ask the site owner to not directly link to our files, but link to the page in which contains the files. This will increase target traffic to our site, and reduce the amount of users downloading the files and will also lower our resource consumption.
In most cases, this isn’t going to be the best route to take, as many webmasters that are directly linking to files already know what their doing and well, probable don’t plan on stopping or they would have not done it in the first place.
So we have two options we can choose from in a situation like this one.
We can block the site linking directly to our files, meaning that no one coming from that site could download anything on our site.
Or we could block the entire problem altogether.
If you opted to block the entire problem, then we’re on the right track.
Blocking the Problem
Probable one of the most common ways to block this problem would be using mod_rewrite that is included in Apache. Now I know most of you may not know what this is or how to use it, but we’re going to go over a few simply commands we can use with this application and figure out the best route to take in blocking users from directly linking to our files.
Fist and foremost, speak with your host and find out if mod_rewrite is currently installed. If they aren’t answering, then a simply test can determine if it’s installed or not.
Copy the following into an “.htaccess” file and drop it in the root directory.
RewriteEngine On
RewriteRule ^test.html$ /test2.html [R=301]
Once this has been saved, upload it to your server and then create two more .html files. One named test.html and the other test2.html. Save them an upload them. Now load up the test.html on your server, and if it redirects to test2.html, then mod_rewrite is installed and works correctly on your server.
Now that we know that mod_rewrite is installed and working correctly on our server, let’s learn how to use it to prevent users from directly linking to our files. First thing we must do is make a list of URLs that we feel are ok and should have access to any of the files on our server.
URL List
http://www.testurl.com
http://testurl.com
http://sub.testurl.com
http://www.friendlysite.com
http://friendlysite.com
Ok, let’s explain the URL list first and for most. Notice how we have URLs listed with and without the “www” in them? We also have sub domains listed that we’d like to have access. Just specifying the domain name in general doesn’t cover any sub domain names on that particular domain name. So keep this in mind when making your URL list. Also we’ve friendly sites listed that we’d like to also have access to the site.
Now that we have our URL list, let’s create the rules we’ll need in our “.htaccess” file in order to block direct linking to our files.
First we need to create the URL rules.
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.testurl.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://testurl.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://sub.testurl.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.friendlysite.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://friendlysite.com.*$ [NC]
This is what our rules will look like these can be copied and changed. So please feel free to copy them for your own use.
Next we need to specify the types of files that we’d like to block direct linking to.
RewriteRule .*.(gif|GIF|jpg|JPG|zip|tar)$ - [F]
With this line of code we can add as many different file types as we’d like. In this case we’re blocking gif, jpg, zip and tar files. Any type of files can be added here, just remember to separate them with a “|” with no spaces. Some users that use their account to host forum images, avatars or sigs, may not want to add images in this line of code as it will break that on any other site that images may be posted on. Also users can add the URLs for the forums or what not that should have access.
Finished .htaccess File
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.testurl.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://testurl.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://sub.testurl.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.friendlysite.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://friendlysite.com.*$ [NC]
RewriteRule .*.(gif|GIF|jpg|JPG|zip|tar)$ - [F]
This can be added anywhere in your own .htaccess file, this doesn’t
have to be all that’s there.
We’ve now learned to block users using mod_rewrite. This is the most effective way to combat hot linking and prevent other sites and users from linking to our files and images.
