httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "J. Greenlees" <ja...@shaw.ca>
Subject Re: [users@httpd] how do I prevent sites from hijacking my images?
Date Wed, 06 Nov 2002 06:19:43 GMT
Dale,
I recently went through apache's docs about this for several artists, 
using an .htaccess file to only allow your own pages to link is the 
easiest way to stop the hotlinking.
to stop caching of pages you would need to do something as Saqib N Ali 
has suggested, also to disable right clicking. though with no js active 
on a client's browser then the js doesn't work.

one suggestion made to the artists:
put an image up that says "THIS PERSON IS A THIEF THEY ARE STEALING THIS 
IMAGE AND BANDWIDTH FROM ME" most hotlinking is done with chatsites, and 
the person doing the linking will get banned right quick.
just have to name the image the same as the one's being stolen. ~g~
the rewrite rule can put a different image up when someone tries to 
hotlink to your site.


Andrew Kenna wrote:
> There was an article on www.apacheweek.com a while back explaining how .htaccess can
prevent this.
> 
> Andrew
> 
> 
> -----Original Message-----
> From: Chris Taylor [mailto:chris@x-bb.org] 
> Sent: Wednesday, 6 November 2002 3:51 PM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] how do I prevent sites from hijacking my images?
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> It seems that you're missing the point, the problem is that external sites are linking
these images as if they were there own, which is essentially bandwidth theft. The way to stop
this is to use mod_rewrite (as in my previous post). Although the odd client saving the image
to their hard drive may be a nuisance, it's not really the issue, so all of these client side
efforts (JS for instance) aren't what's required.
> 
> Andrew's idea (below) is essentially the implementation of the mod_rewrite solution:
a .htaccess file, but in the end it's the same solution.
> 
> I hope that clears it up.
> 
> Chris Taylor - chris@x-bb.org - The guy with the PS2 WebServer - http://www.x-bb.org/chris.asc
> 
> - ----- Original Message ----- 
> From: "Andrew Kenna" <andrewk@stamina.com.au>
> To: <users@httpd.apache.org>
> Sent: Wednesday, November 06, 2002 4:46 AM
> Subject: RE: [users@httpd] how do I prevent sites from hijacking my images?
> 
> 
> Create a little javascript thing that displays the image, disable right click on that
particular web page and put a restriction on the directory that stores the images with a .htaccess
file and say that the only refferer can be the actual page the images are linked to.
> 
> The above may work
> 
> Andrew
> 
> 
> - -----Original Message-----
> From: Saqib.N.Ali@seagate.com [mailto:Saqib.N.Ali@seagate.com] 
> Sent: Wednesday, 6 November 2002 3:41 PM
> To: users@httpd.apache.org
> Subject: RE: [users@httpd] how do I prevent sites from hijacking my images?
> 
> 
> 
> But you can still "right click" and do a 'save picture as'.. am i wrong? In Peace, Saqib
Ali http://www.sc-icc.org:8080/cocoon/mount/docbook/
> 
> "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)"
Al-Quran 6:15
> 
>                (Embedded image moved to file: pic27644.jpg)
> 
> 
>                                                                      
>                                                             
>                     daniel                                           
>                                                             
>                     <daniel@electro        To:    
> Saqib.N.Ali@seagate.com, users <users@httpd.apache.org>              
>          
>                     teque.org>             cc:                       
>                                                             
>                     No Phone Info          Subject:     RE:
> [users@httpd] how do I prevent sites from hijacking my images?       
>                     Available                                        
>                                                             
>                                                                      
>                                                             
>                     11/05/2002                                       
>                                                             
>                     07:34 PM                                         
>                                                             
>                     Please respond                                   
>                                                             
>                     to users                                         
>                                                             
>                                                                      
>                                                             
>                                                                      
>                                                             
> 
> 
> 
> 
> header output your image using gd in php
> 
> then load the image like <img src="image.php?filename=bollox.jpg">
> 
>>===== Original Message From Saqib.N.Ali@seagate.com =====
>>I agree that there is no way to protect the images from being stolen.  
>>But there are ways to deter people from easily stealing the image. For  
>>e.g. about 3 years back I wrote a Java Application that would parse an  
>>image
> 
> and
> 
>>create HTML TABLE based representation of the image on Pixel level.
>>This HTML table could be easily displayed intead of the actual
>>graphic,  but people couldn't just right click and save it to their
>>Local HD.  However if they really wanted to copy the image they
>>would have to take  screen capture, and paste it into GIMP. This way
>>they would offcourse  lose the quality.
>>
>>In Peace,
>>Saqib Ali
>>http://www.sc-icc.org:8080/cocoon/mount/docbook/
>>
>>"I fear, if I rebel against my Lord, the retribution of an Awful Day  
>>(The Day of Resurrection)" Al-Quran 6:15
>>
>>              (Embedded image moved to file: pic00292.jpg)
>>
>>
>>
>>                   "Lewis
>>                   Watson"              To:    
>><users@httpd.apache.org> 
>>                   <lists@vision        cc:
>>                   six.com>             Subject:     Re:
>>[users@httpd]
> 
> how
> do I prevent sites from hijacking my images?
> 
>>                   No Phone Info
>>                   Available
>>
>>                   11/05/2002
>>                   07:12 PM
>>                   Please
>>                   respond to
>>                   users
>>
>>
>>
>>
>>
>>
>>
>>----- Original Message -----
>>From: "dale's stuff" <stuff@colony.net>
>>To: <users@httpd.apache.org>
>>Sent: Tuesday, November 05, 2002 9:06 PM
>>Subject: [users@httpd] how do I prevent sites from hijacking my images?
>>
>>
>>
>>>Hello,
>>>
>>>I was just processing my logs and have found that once again some
>>>scum
>>
>>are
>>
>>>stealing some images from my site and linking directly to them.
>>>
>>>I am running apache 1.3.2x on RH Linux 7.1. I would like to be able  
>>>to serve a different image to these scum to get the point across that  
>>>they
>>
>>can'
>>
>>>t be stealing my images -kind of like what angelfire and so forth do.
>>>
>>>any suggestions?
>>>
>>>Thanks
>>>
>>>Dale
>>>
>>
>>Hi Dale.
>>There are things you can do to prevent them from linking to them (See  
>>the links below), but to keep them from pulling them off your site and  
>>using them? Nothing. You are offering the graphics over a public
>>network. There are ways to slow some people up or making it a tad
>>more  difficult but in the end there is no way to prevent someone
> 
>>from 
> 
>>pulling what your server is giving out.
>>
>>http://www.bignosebird.com/apache/a16.shtml
>>http://httpd.apache.org/docs/misc/FAQ.html#image-theft
>>
>>hope this helps,
>>Lewis
>>
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP Server
>>Project. See <URL:http://httpd.apache.org/userslist.html> for more 
>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP Server
>>Project. See <URL:http://httpd.apache.org/userslist.html> for more 
>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
> 
> 
> - ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project. See <URL:http://httpd.apache.org/userslist.html> for more
> info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
> 
> - ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
> 
> iQA/AwUBPcifxCqf8lmE2RZkEQITlwCdHhX+tX5MLVleyC+0t/9d1loY6joAoNC+
> 9H4AJ8wNjLxvxf/rYIm63Phz
> =JsIi
> -----END PGP SIGNATURE-----
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message