Hello. I specialize in graphic design for web and print projects.
Enforcing your CC-style copyright on hotlinkers
March 1, 2008 at 12:57 pm
Introduction
Picture the following scenario: you run a blog that posts pictures of cats. These pictures seem to get stolen a lot. You’re okay with this, because your content is licensed under a Creative Commons-style license. But nobody is respecting your copyright! In fact they’re linking to images directly from your server!
In fact this scenario is not all that uncommon. Thousands (if not millions) of blog owners are unaware of other websites hot linking to their images without so much as attribution! This tutorial will show you how to turn the websites of those copyright-discarding, hotlinking fiends into free advertising. More after the jump.
This is assuming you have a reasonable rate for bandwidth, and are okay with the idea of people using your bandwidth on their site. If you’re not, I recommend this tutorial by David Airey.
The Effect
Let’s start with this great picture of a cat (props to oskay frow Flickr):
Looks awesome, but how does this become advertising for my site? Through the power of mod_rewrite and PHP, the image is displayed as the following when embedded on someone else’s page:
Using mod_rewrite to detect hotlinkers
The technology that makes this all possible is a module built into the Apache Web Server, mod_rewrite. We can detect hotlinkers by creating a file named .htaccess in the web root. In this file we need to place some code to enable mod_rewrite. So on the first line, add this:
It’s worth refreshing the page to make sure that your web hosting provider has not disabled mod_rewrite, if they have you’ll get an error from Apache. In that case, sorry, but this tutorial won’t work for you.
At this point, I’m assuming you have wod_rewrite enabled, and you haven’t gotten any server errors. Great! Now onto the hotlinker detection.
RewriteCond %{HTTP_REFERER} !^$
The first line detects people who are seeing images from your website. The second line detects people who are not telling the server where they are viewing the image from. Some overly-paranoid internet users disable the sending of this information, and we can’t forget about them.
To actually redirect the user, we need another line of code. In the end, your code should look like:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?YOUR DOMAIN\.YOUR TLD/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /hotlinkers.php?image=$0 [L
PHP to add the watermark
So far we've learned how to internally redirect people viewing hotlinked images to a PHP script. If you view your site right now, however, you'll most likely get an error. That's because the PHP script referenced, /hotlinkers.php, has not been created yet.
I can't explain exactly how PHP works. If you don't have a basic idea, I'd recommend you find a good tutorial on it. I'll assume you at least know how it's structured from this point on.
Without further ado, here is the code. The comments explain what it does, so I shouldn't need to.
-
-
//Explicit declairations:
-
 //The PATH to the font to use.
-
 $font = '/nfsn/content/tylerm/public/profont.ttf'; //Text to show when the width of the image is <= 250px.
-
 $short = "TylerM.Info";
-
//Text to show when the width is > 250px.
-
 $long = "Photo Credit: TylerM.info";
-
//Code
-
$file = $_GET['image']; //Set $file to the image passed by the browser.
-
//This switch will create the correct GD object for different image types.
-
switch($type[1]){
-
 case "png":
-
 $image = ImageCreateFromPNG($file);
-
 break;
-
case "gif":
-
 $image = ImageCreateFromGIF($file);
-
 break;
-
case "jpeg":
-
 $image = ImageCreateFromJPEG($file);
-
 break;
-
default:
-
 echo "Cannot open non-image filetype.";
-
 exit;
-
 break;
-
}
-
-
//The following code will select a string of text appropriate to the image.
-
if($info[0] <= 250){
-
 $str = $short;
-
}else{
-
 $str = $long;
-
}
-
-
//Make the text
-
ImageTTFText($image, 8, 0, 2, $info[1], imagecolorallocate($image, 0x00, 0x00, 0x00), $font, $str); //Shadow
-
ImageTTFText($image, 8, 0, 1, $info[1] - 1, imagecolorallocate($image, 0xFF, 0xFF, 0xFF), $font, $str); //Text
-
-
//Send the image to the browser
-
ImagePng ($image);
-
-
//Cleanup
-
imagedestroy($image);
-
?>
-
Possible Improvements
- Â I'm not 100% sure on the security implications at blindly including files. They are checked to ensure they're PNG, GIF, or JPG, but there may be better ways of doing this.
- I'm running PHP4 here, I don't know how (or if) this works on later releases.
- Watermarking with a PNG instead of text might be nice.
Update!
Thanks to alexgieg and Jordon (at the NearlyFreeSpeech.NET forums) for the following script, which forwards hotlinked images to a cache service, so you get very little of the hotlinked traffic while still getting the advertising.
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com(/)?.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*\.)?google\..*(/)?.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*\.)?yahoo\..*(/)?.*$ [NC]
RewriteCond %{HTTP_REFERER} !search\?q=cache [NC]
RewriteCond %{HTTP_USER_AGENT} !.*CoralWebPrx.*
RewriteCond %{QUERY_STRING} !(^|&)coral-no-serve$
RewriteRule ^(.*)\.(bmp|gif|ico|jpe?g|png)$ http://www.example.com.nyud.net/watermark.php?image=$1.$2 [R=302,L,NC]
RewriteCond %{QUERY_STRING} (^|&)coral-no-serve$
RewriteRule ^.*$ - [F,L]
Say your words!