Prevent Hotlinking of Images (Apache and NGINX)

CCarter · Mar 20, 2024

MrMedia said:
They are showing the image on their site - so copy and paste - and then below it saying : Source and the source links to - mysite.com/wp-content/images/theimage.jpg

I just want to confirm the htaccess code above does indeed stop YOUR images from showing up on the offending site if they are using you are the source. I hotlinked an image from Mako on MOE, and then within the Mako htaccess implemented the code:

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?moneyoverethics.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ - [F]

Before:

and After:

So all your images on their site should suddenly appear broken. If you have multiples sites you'll have to expand the htaccess to:

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?buildersociety.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?moneyoverethics.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ - [F]

Here is the NGINX version:

Code:

server {
    ...
    location ~* \.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ {
        if ($http_referer ~* (buildersociety.com|moneyoverethics.com)) {
            return 403;
        }
    }
    ...
}

Edited: Added webp from @Politico code

Politico · Mar 20, 2024

Clutch!
I added webp to mine

RewriteRule \.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ - [F]

I'm assuming that won't break things, will it?

MrMedia · Mar 20, 2024

CCarter said:
I just want to confirm the htaccess code above does indeed stop YOUR images from showing up on the offending site if they are using you are the source. I hotlinked an image from Mako on MOE, and then within the Mako htaccess implemented the code:

Code:

RewriteEngine On RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?moneyoverethics.com [NC] RewriteRule \.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ - [F]

Before:

and After:

So all your images on their site should suddenly appear broken. If you have multiples sites you'll have to expand the htaccess to:

Code:

RewriteEngine On RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?buildersociety.com [NC,OR] RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?moneyoverethics.com [NC] RewriteRule \.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ - [F]

Here is the NGINX version:

Code:

server { ... location ~* \.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ { if ($http_referer ~* (buildersociety.com|moneyoverethics.com)) { return 403; } } ... }

Edited: Added webp from @Politico code

Sick thank you. The links will still be in place but its a solid fuck you to the site that is now filled with 1000s of broken images.

CCarter · Mar 20, 2024

MrMedia said:
The links will still be in place

I suspect they'll replace them or take it down at some point when they realize the images aren't linking correctly - otherwise it makes no sense for users viewing the site and their site metrics will tank.

If they are serious about they site they'll have to figure out a fix, makes no sense not to.

I would also put together a disavow files with ALL their pages that link to you and Disavow the links, then get Google to re-crawl that site, you might be surprised at their rankings afterwards.

MrMedia · Mar 20, 2024

If I wanted to get brutal and dark how badly could I wreck their site?

As far as I am concerned they started this war so its time to strike back hard.

They are protected by cloudflare so a massive DDOS or similar is out of the question - anything else I could do to decimate this scum?

Darth · Mar 20, 2024

Could people hotlinking your images have a SEO benefit for you, and does blocking them remove the benefit?

CCarter · Mar 20, 2024

MrMedia said:
If I wanted to get brutal and dark how badly could I wreck their site?

LOL - sneaky fuckers...

Let's do it. Here is the image in the code on MoneyOverEthics (MOE) - I am hotlinking a MakoBoard Image:

Here is what happens when there is no blocking from Makoboard's htaccess:

Here is the actually source code inside MOE, so you can see it is being served correctly:

Here is what happens when instead we tell it to load ANOTHER image from my MakoBoard htaccess:

--

Here is the code:

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?buildersociety.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?moneyoverethics.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|bmp|zip|rar|mp3|mp4|avi)$ https://i.imgur.com/nE5X4C5.gif [NC,R,L]

So you are thinking he is simply serving her:

... But think, ALL their images will be changed to the above image where they are hotlinking you instead of failing...

But think... what if you server them a very bad image?

(Squint your eyes to figure out what's going on)

Obviously NOT pixelated and blurred. ALL their images would turn into Porn/Adult or even dickrolled gay porn from WickedFire days, instead of your images. And you don't even have to host it, put it up on imgur.

I beg you, please send me screenshots if you implement this - DM or whatever! It's too funny not to share it.

Turn ALL their images into some repeat adult, I did this in the past to some hotlinkers, they got the message quickly, AND if they were not paying attention their visitors saw the adult image for days, weeks, months - and eventually Google will recognize the porn content and tank the site. So they'll have to remove that quickly... (And you aren't hosting the image so you are good).

MrMedia · Mar 20, 2024

CCarter said:
LOL - sneaky fuckers...

Let's do it. Here is the image in the code on MoneyOverEthics (MOE) - I am hotlinking a MakoBoard Image:

Here is what happens when there is no blocking from Makoboard's htaccess:

Here is the actually source code inside MOE, so you can see it is being served correctly:

Here is what happens when instead we tell it to load ANOTHER image from my MakoBoard htaccess:

--

Here is the code:

Code:

RewriteEngine On RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?buildersociety.com [NC,OR] RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?moneyoverethics.com [NC] RewriteRule \.(jpg|jpeg|png|gif|bmp|zip|rar|mp3|mp4|avi)$ https://i.imgur.com/nE5X4C5.gif [NC,R,L]

So you are thinking he is simply serving her:

... But think, ALL their images will be changed to the above image where they are hotlinking you instead of failing...

But think... what if you server them a very bad image?

(Squint your eyes to figure out what's going on)

Obviously NOT pixelated and blurred. ALL their images would turn into Porn/Adult or even dickrolled gay porn from WickedFire days, instead of your images. And you don't even have to host it, put it up on imgur.

I beg you, please send me screenshots if you implement this - DM or whatever! It's too funny not to share it.

Turn ALL their images into some repeat adult, I did this in the past to some hotlinkers, they got the message quickly, AND if they were not paying attention their visitors saw the adult image for days, weeks, months - and eventually Google will recognize the porn content and tank the site. So they'll have to remove that quickly... (And you aren't hosting the image so you are good).

There's epic then there is this.

Watch this space.... It has to be the Meatspin if I do this which I am 90% certain I will.

Any other DDOS type activities? I want these guys to burn.

CCarter · Mar 20, 2024

MrMedia said:
Any other DDOS type activities? I want these guys to burn

Nah, that's illegal and you don't want that type of activity. Simply putting the meatspin or some adult could tank them fast, which is what you want. But also their visitors will press the back button quickly, which will be a bad signal in Google's serp eyes. Imagine if they report that shit! Game over!

Please send me a screenshot, I did this like 15 years ago, never seen it in action since.

MrMedia · Mar 20, 2024

CCarter said:
Nah, that's illegal and you don't want that type of activity. Simply putting the meatspin or some adult could tank them fast, which is what you want. But also their visitors will press the back button quickly, which will be a bad signal in Google's serp eyes. Imagine if they report that shit! Game over!

Please send me a screenshot, I did this like 15 years ago, never seen it in action since.

If I do it I'll send it to you guaranteed.

Ryuzaki · Mar 20, 2024

They don’t care. It’s automated across thousands upon thousands of domains. It’s not for human users. It’s strictly for crawling and indexing for Google. At this point the only thing I can think is it’s some kind of “indexing service” for spammers. They drop the sites and spin up more, reuse previous domains later, add more to the mix, and no human looks at any of it.

Éowyn · Mar 25, 2024

So when we want to add more troll sites, do we add it like this? With [NC] at the end, not [NC,OR]?

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\\.)?buildersociety.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\\.)?moneyoverethics.com [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\\.)?trollsite3.com [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\\.)?trollsite4.com [NC]
RewriteRule \\.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ - [F]

And when we want to block everything except the search engines it’s like this?
Or is it better to stick to the code above and add more troll sites to it?

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\\.)?yourwebsite.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\\.)?google.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\\.)?bing.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\\.)?kagi.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\\.)?search.brave.com [NC]
RewriteRule \\.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ - [F]

or do I make the last rule?

Code:

RewriteRule \\.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ - [NC,F,L]

CCarter · Mar 28, 2024

Éowyn said:
And when we want to block everything except the search engines it’s like this?

Don't do this. You will miss out on the next Pinterest or new search engine that destroys Google.

You can't predict the future.

Better to simply block bad actors than assume there will be nothing new under the sun.

You will also miss out on first mover advantage by blocking the future platforms.

Éowyn · Mar 29, 2024

Ah, okay. Thanks. That makes sense. I won't do that then.

CCarter · Mar 29, 2024

Éowyn said:
Ah, okay. Thanks. That makes sense. I won't do that then.

Also it should be [NC,OR] except for the last one, just NC

The NC stands for non-case sensitive.

OR stands for literally "or", so it connects the next rewrite condtion, until the last one of course. Correct way:

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?buildersociety.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?moneyoverethics.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?trollsite3.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?trollsite4.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|webp|bmp|zip|rar|mp3|mp4|avi)$ - [F]

(You also had extra \ slashes for some reason, I removed that)

Éowyn · Mar 29, 2024

Fascinating. This explains things. Now time to ban some troublemakers to the shadowrealm.

Prevent Hotlinking of Images (Apache and NGINX)

CCarter

Final Boss ®

Politico

MrMedia

CCarter

Final Boss ®

MrMedia

Darth

CCarter

Final Boss ®

MrMedia

CCarter

Final Boss ®

MrMedia

Ryuzaki

お前はもう死んでいる

Éowyn

CCarter

Final Boss ®

Éowyn

CCarter

Final Boss ®

Éowyn