GRIMTHING.COM

Okay, you’ve read what I think about impolite assholes and the telephone, today’s topic of study is hotlinking.

What is hotlinking?

Hotlinking is when a someone uses the img tag to include an image on their website from another server. It’s just like your neighbor plugging in an extension cord at your house to provide electricity for their home. You’re paying for your own usage, and you’re paying for some jackass across the street who wants to microwave his ramen noodles (mmmm, ramen).

Now at one point or another, just about everybody has hotlinked something. I’ve done it myself. Hotlinking, by and large, is the result of ignorance. Beginners who don’t realize that someone is paying for every little picture that shows up on their monitor. It’s still rude and it needs to be stopped.

Why is hotlinking bad?

1. Hotlinking is a theft of bandwidth.-That nifty DragonBall-Z image you have as the main logo for your geoshitties webpage uses bandwidth that someone is paying for. Every time someone visits your site, it’s costing the guy who’s physically hosting the image money. Since you’re taking money from him without his knowledge/consent, that’s stealing.
2. Hotlinking is a theft of storage.-I’m not an image hosting service. If I’m not getting a check in the mail from you every month, you shouldn’t be hotlinking images from my site. Webspace costs money. If you want to use an image, and you have the creators consent, download the image to your computer and upload it to your own site.
3. Hotlinking may be IP theft.-As is in the case of my wife’s site. She is a photographer and digital artist and there have been people stealing and modifying her images. Sometimes it’s just a simple crop, resize and the addition of a little text. She receives no reimbursement for all the time and effort she’s put into her work, no acknowledgement or money. I understand that imitation is the sincerest form of flattery, but this isn’t imitation, it’s the straight copying of someone else’s work and claiming it as your own. The owner of the copyright could utilize DMCA law to have your site shut down and your information given for use in legal proceedings.
4. Hotlinking may have unpredictable results.-When you hotlink someone else’s images, you are at their mercy. They may change the image at their whim and leave you looking a little foolish. For example, anyone who hotlinks an image from grimthing.com will get the following graphic… So, just don’t do it.

How do you know if you’re hotlinking?

When you place an image tag on your site, it looks something like the following:

<img src="coolpic.jpg" width="100" height="50" border="0">

This is fine, that tag tells a visitors browser to look for an image named “coolpic.jpg” on the server from the webpage that called it. Now look at the following example:

<img src="http://notmywebsite.com/coolpic.jpg" width="100" height="50" border="0">

This is not so fine. If you have an image tag like this, then you are obviously hotlinking an image by using a url that is not your website.

A brief aside

Just so we’re clear here, I do not discourage people from linking directly to the wallpaper page, or any page on this site that contains pictures. They’re there for people to look at and enjoy (or mock, ridicule and deride–look at me, I’m thesaurus man). If you want to show your friends or family members some of the images I’ve got up, send ‘em a link to the page. They can download ‘em and use ‘em any which way they choose. I don’t care about that. Text links are fine, image links are also fine as long as you download the image to your server and use your local copy, not my original.

What webmasters can do to prevent theft.

Currently Grimthing.com is hosted with the Apache Web Server, and has mod_rewrite enabled, so my suggested fix is based on that. The trick to turn away potential hotlinkers requires the use of mod_rewrite rules in an .htaccess file located in the directory of the images you wish to protect. For example, my current .htaccess file reads something like…

RewriteEngine On

rewriteCond %{HTTP_REFERER} !^$

rewriteCond %{HTTP_REFERER} !^http://grimthing.com [NC]

rewriteRule \.(jpe?g|gif|png|bmp)$ nohotlink.jpg [L]

Apache.org has a ton of information on how to write rules in order to set up your site to prevent hotlinking. You can read all of the documentation, or be lazy like me and use the rule generator at HTML Basix.

Once you have you .htaccess file laden with rules in place, check it’s effectiveness at Alt Lab.

Posted by Philip McClure in Computing Woes Rants on April 02, 2004