Talk:Preventing hotlinking

FYI, if interested: Explanation of difficulties contributing to this and a related article.

Regular expressions
A subsection probably needs to be added that includes examples of regular expressions that match various domain names. Take the following two expressions from the article for example: ^http://(www\.)?badsite\.net/ ^http://(www\.)?badsite\.com/ Those two rules only match http://badsite.net/ http://www.badsite.net/17 http://badsite.com/ http://www.badsite.com/ A different expression needs to be used if one intends to match any subdomains, for example: ^http://([0-9a-z_-.]+\.)?badsite\.net/ Would match the following: http://badsite.net/ http://www.badsite.net/ http://forums.badsite.net/ http://first.second.badsite.net/ http://the_forums.badsite.net/ -- Atropos 23:20, 14 May 2006 (PDT)


 * My understanding of regular expressions little better than that of a stick of celery, so I'd be delighted to see you add the enhancements you suggest. An example-based article on regex would also be welcome! -- Scjessey 04:28, 15 May 2006 (PDT)

Replacing images
I was looking at the example for replacing images and thought about how it still costs bandwidth, is it possible to do something like this to prevent the loss of bandwidth? RewriteEngine On RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com/ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule \.(jpe?g|gif|png)$ http://img80.imageshack.us/img80/8058/hack9wk.jpg [L] --Einsidler 00:52, 24 Jun 2006 (PDT)

Replacing an image with another
I was amazed recently when I checked the logs of the site. The sheer number of sites that react abnormally to the 302 error generated when redirecting hot-linking sites to a 'theft'-image is staggering. Even Google Images (at least images.google.com.mx) retries those accesses hundreds of times.

Also, the number of page accesses to your site will probably increase by a large number when you redirect in this way (though it is tempting to do so!) I estimate that the bandwidth occupied by image-substitution is actually larger (even when the replaced image is much smaller).

It's just better (though boring) to use the rejection trick (first examples).

X-Frame-Options
Something about the new X-Frame-Options might be good here.  Header set X-Frame-Options "DENY" 