How to stop bandwidth stealing with htaccess file

By Ashish Mohta

Bandwidth Stealing is a scenario when somebody uses a file from your site directly to his. This results in consumption of your bandwidth. Many people does not realize but this is a common problem and as there is no direct way to know about it, we never get to know about it. This scenario can not only lead to your hosting banning your site as its out of bandwidth but your content is getting stolen too. If you want  you can read about Top Five Ways to stop content stealing

What is hot linking?

Hot linking is a scenario where some other site uses files hosted on your site. This results in bandwidth stealing as every time the hot linked page is viewed, images or files are requested from your server hence your bandwidth is use.

How to find if my files are hotlinked ?

There is no direct way, But when I asked my hosting about it, they said we can check our web stats and find out how much bandwidth is being used by which page or other things. If you something very high try to find out where it is linked.

How to stop hotlinking using .htaccess file ?

This can be helpful for PHP based site and wordpress based sites.

Before you write your own rules, enable the hot linking protection enabled and then write into .htaccess file. I did it reverse and my site gave Error 500. Be Careful. In case if something goes wrong just remove the .htaccess file and replace with original one ( Did I forgot to say backup your .htaccess file first ? Please do it ) and be sure mod_rewrite is enabled. Ask your hosting about it.

There are three ways of doing it.

  1. Ban all hotlinkers
  2. Ban one particular hotlinker
  3. Show a different image to one particular hotlinker

I followed the second step as I came to know who was stealing my content. Here is the code I used


# BEGIN WordPress

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://xxx.com/.* [NC]
RewriteRule \.(gif|jpg|js|css|JPG)$ - [F]

# END WordPress

You can replace xxx with the site who is stealing your bandwidth and in second line you can restirct files by extension or types. Remember This is to just avoid one hot linker. Here is the link to complete guide of all the three scenarios. Stop Image Hotlinking using .htaccess and this article How Do I Stop Hotlinking and Bandwidth Theft? can explain you meaning of each line and terms being used. I would recommend using the first link for implementing the code and second to understand it better. ( I got some problem while using the code from second article)

I don’t have PHP based Site or Wordpress What should I do?

Not sticking to just wordpress but every hosting has Hot Link Protection feature. You can query your hosting about it and ask how to enable it. Just remember, you should allow your site url to access it.

Since I faced this problem, I wanted to share it with you all. I hope this helps many others.

 

About The Author of this article:
Ashish is one of the co-author of this blog and writes on various interesting softwares, PC tips and more. You can read more of his articles here.

Offer of the month Get a free page for yourself

Readers Play Ground


12 Comments and Link-Backs to “How to stop bandwidth stealing with htaccess file

Click Me and Jump to Add your Comment :)

12 Comments from Friends and Readers

  • Technology Bites, May 9, 2007:

    Did you test this one,

    I used it this way

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} ^http://(.+\.)?xxx\.com/ [NC]
    RewriteRule \.(gif|jpg|js|css|JPG)$ - [F]

    Hotlinking Protection feature is available in cPanel

  • Ashish Mohta, May 9, 2007:

    @Technology Bites: Not the the one you told. Can you explain what is (.+\.)? used for

  • Nirmal, May 9, 2007:

    This is a serious problem. I never knew about it. Thanks for the info.

  • km, May 9, 2007:

    nice tips.. i check out my web hosting bandwidth statistic and find there are a lot of bandwidth stealing… Thanks for information and now can overcome this bandwidth stealing issues.

    Keep the good job..

  • Technology Bites, May 9, 2007:

    Ashish i am not an expert in this, so i may be wrong.
    (.+\.)? This is to add all the subdomains

  • kuanhoong, May 9, 2007:

    Good Tips.

    May I ask what plugin you are using to create your archives?. I like the tag style.

  • Ashish Mohta, May 9, 2007:

    @Kuanhog: Great you liked it. The plugin for cloud I use is

    Ultimate Tag Warrior

    Rest I have done manually You can find that in any K2 Theme

  • Mr.Byte, May 9, 2007:

    As Technology Bites mentioned, is it not enough if we activate hotlinking protection in cPanel?

  • Ken Xu, May 10, 2007:

    I think this is a great script to handle those thieves. But I think there is a problem with this script and not flexible enough to prevent bandwidth thievery.

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} ^http://(.+\.)?xxx\.com/ [NC]
    RewriteRule \.(gif|jpg|js|css|JPG)$ - [F]

    I notice that this xxx.com only can handle for one site. What if there are many site that hotlinking to mysite’s? Oke, Let’s say we put another sites that “detected” as a hot linker. How about the “undetected” linker?

    Well, that’s just my opinions. :-)
    May be our web host will give us solution to this issues.

    In my country, Bandwidth is expensive. So, a quick solution for this problem is usually important. If anybody have idea, please drop me a message :-)

  • Technology Bites, May 10, 2007:

    @ Ken Xu

    To solve your problem you can use the below rule. What it does is it blocks all the external sites from accessing your images, except your own site. All you have to do is replace yourdomain.com with your site url.

    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
    RewriteRule \.(gif|jpg|png)$ - [F]

  • Ashish Mohta, May 10, 2007:

    @Technology Bytes: That will make your images not to appear on your feed and anywhere else. Its bad for feeds specially and emails

    I tired it.

  • Technology Bites, May 10, 2007:

    @ Ashish,
    ur right i didnt think about that, thanx

Leave a comment Share your thoughts with the world

Scroll Down and Check footer for more details

Search








  • Recent Comments:

    • vinu: hi Manav, I need an invcitation for creating an account in Dropbox.Can you help me out.
    • Matt: My invite hasn’t come yet? please invite me again, and I will invite these people here!!!
    • ricky: R1cky1337 at gmail dot com Any invites would be greatly appreciated thanks!
    • Anghesom: thank you
    • Maria Francois: Hi, could someone please send me an invite? I´m searching for long time but still didn´t find...
    • jcidiot: @dit… actually its dx9c update files. but close.
    • Maja: BEST
    • jonscito: I like so much this plugin … is look like atractive and is very useful
    • Brett thomas: i would like to get this msn
    • caranijuan: where’s my invite?

Technology Blogs - Blog Top Sites