The hotlink blocking code is case sensitive
Originally, I had the following code in my .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?MySpace\.com/ [NC,OR]
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpg [L]
The first line turns on the condition engine. The 2nd line checks for any site with the domain MySpace.com, and the 3rd line tells the server to show an image called “nohotlink.jpg” to any site mentioned in line 2. Even with this code, the 2nd MySpace user was still able to link to the picture of George Romero with glasses without any problems, as shown below:
After testing different things, I realized the image in question had a capital extension, JPG, instead of a lower-case jpg. On Unix servers, this matters. I went ahead and rewrote my code in the .htaccess file to include capitalized alphabets also:
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?MySpace\.com/ [NC,OR]
RewriteRule .*\.(jpe?g|JPG|gif|bmp|png)$ /images/nohotlink.jpg [L]
That did the trick. The 2nd user was now blocked from hotlinking also. I have yet to try the [NC] clause to the 3rd line above also. The NC variable means no case, meaning the server should treat both uppercase and lowercase letters for the words mentioned in the above code.
Avoid the hotlink blocking loop
I soon realized an issue with my above code. If a MySpace page links to an image, it will be blocked and shown the nohotlink.jpg file instead. However, the nohotlink.jpg file itself is a jpg image file and will be blocked also, sending the servers into a loop where MySpace servers will keep asking for the jpg file and my server will keep rejecting such requests. Such an indefinite loop is not good.
I went ahead and renamed my nohotlink.jpg file to the extension .jpe which would solve the loop problem. A jpe extension file works flawlessly, just like a jpg file. All you have to do is save any file to the jpg format and rename it to jpe yourself. I ended up with the following code in the end:
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?MySpace\.com/ [NC,OR]
RewriteRule .*\.(jpeg|jpg|JPG|gif|bmp|png)$ /images/nohotlink.jpe
[L]
That covered all the image extensions I would want to use, and the nohotlink image file has an extension, jpe, which is not being used in the condition in the 3rd line above.
You can use a custom image to show to hotlinkers
The nohotlink.jpe image is something that will now be displayed on all MySpace profiles which hotlink to my images without my permission. I got this idea first when Stacee commented on my post from 2006 called “MySpace, hotlinking, and site gallery” in which I talked about the same topic. I followed up on Stacee’s idea and created the following image that will now be seen by all MySpace hotlinkers:
Following are the two images of the two profiles who are hotlinking, and how I have stopped their hotlinking by serving the above alternate image instead:
Thanks Stacee. 
I think that is a good way to let people know what is happening and also have free advertising at the same time. What do you think? So far, I am not aware of any of my friends and contacts who are hotlinking to my images. My friends and contacts have permission to hotlink to my images after they let me know.
Three important things I realized due to MySpace hotlinkers
I have realized three things from this:
- Naming all image extensions in the same case is important.
- Checking access logs regularly is important.
- Stopping hotlinkers and stopping the trend of illegal hotlinking is important. Many MySpace users assume it is all right to link to images on other sites without permission. MySpace users: hotlinking to images without permission is not a good thing. It is illegal, not allowed, banned, bad, evil, and weird.
What is your opinion on this? I wonder if I should mention the urls of the MySpace profiles that hotlinked to my images.
« Show less..
