View Full Version : Preventing leeching of images

06-24-2003, 11:00 PM
I have followed the tutorial at this link (http://www.javascriptkit.com/howto/htaccess10.shtml) to stop images being leeched from our site.

In testing though, some people visiting this this off-site link (http://rctinc.alexhansford.com/index.php?showuser=95) can see the image all the time, some people see it but then cannot if they force a refresh.

What is missing from this tutorial in this first link? What am I doing wrong?

06-24-2003, 11:58 PM
don't understand what you are trying to do, that site you posted is about linking of your images...there is no way to protect your images without the use of watercolor as I have heard. Your source is always available and your pictures will always be vulnerable to be taken. So what are you trying to do?


06-25-2003, 12:41 AM
The first link suggests that a .htaccess file on my site will cause links to images from outside my site to 'break' and not display.

I have implemented a .htaccess file as described in the first link.

On the second link I have posted an image link (in the signature) back to my site. According to the tutorial, the image (in the signature) should not display. However, the feedback that I'm getting from people who have followed that 2nd link is that the image does not display for some people, but it does for others.

This suggests that the tutorial (in the first link) is not a COMPLETE description of the contents of .htaccess that I need to implement.

06-25-2003, 02:41 AM
ok, then what is the image that you are trying to have broken or what? cause in that example you will need to add the "." extensions for the files you want broken...if its a .png like your "board" thing then you need to have the line
RewriteRule \.(gif|jpg|png)$ - [F]
this way it looks at all files with the .gif, .jpg, .png and breaks them all....is that what you need?


06-25-2003, 08:09 AM
Thanks yes I had already amended that line already to include png and jpeg.

But what I am asking is why some people who follow the second link CAN see the signature image and why others CANNOT.

It's like the .htaccess file works for some people but not others.

06-25-2003, 07:17 PM
so let me get this straight, you are using Apache as your web server, you created a file called ".htaccess" and in that added the broken link or whatnot garbage to prevent leeching of your images. You placed it into a directory that has subdriectoris for your pictures and thus will prevent leeching of them...is that correct? And its still not working?

06-25-2003, 08:44 PM
Apache is my web server yes.

I placed this .htaccess file at the root of my site, NOT in the Images folder

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?rct2.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|png)$ - [F]

The image I am linking to is in the Images folder. And as I say, some people say that they can see it from the 2nd link I gave, and others say they cannot.

06-25-2003, 09:04 PM
did you run a chmod on it to 644 so that it is read by all and write by you and not executable? that was the other requirement in that tutorial, other then that...if the site isn't yours and you aren't running the apache server, maybe .htaccess is off and it needs to be turned on since it is a memory hog prog...


06-25-2003, 10:02 PM
Yes file is 644.

I don't run the apache server but I'm sure that .htaccess is ON as I have asked my host.

Dylan Leblanc
07-03-2003, 12:49 PM
If a users browser does not send the referer information with the HTTP request, what happens when this .htaccess method is put in place?

I really do wonder. Maybe this could be creating your situation.

07-03-2003, 10:23 PM
It apears that the tutorial I followed does not warn of the problems that this approach can bring to the surface.

For example visitors legitimately visiting my site (not 'leeching') who have Norton Firewall on their PCs configured with the default configuration are not seeing the images because the firewall is hiding the referer information.

However that doesn't explain why when sites ARE leeching, the graphics are still visible.

Perhaps I have been fooled by a tutorial which describes a very simple solution to a problem that is bugging our site, but which in actuality causes more problems than it fixes.

Dylan Leblanc
07-03-2003, 10:39 PM
Actually, the method given is quite commonly used. I actually used that same website to do this for my website, however I never noticed any problems with it.

Putting the given code in an .htaccess file is a very common way to prevent hot-linking.

07-03-2003, 10:41 PM
I never noticed any problems either. Regrettably, my visitors do. :(

07-03-2003, 11:43 PM
are there any blank lines in the file?


07-04-2003, 12:54 AM
There are yes, but the problem also occurred when there were not, unless there were some extra <CR><LF> at the end of the file.