Hotlinking Punishment
 

Some nice code from a good friend of mine.

.htaccess:
RewriteEngine on
RewriteRule ^(.*)\.gif$ /punisher.php?file=$1.gif [L]

punisher.php:
?
$localsite = "yoursitename.com";
$ref = getenv("HTTP_REFERER");

if ($ref != "" & !preg_match("/$localsite/i", $ref)) {
header("HTTP/1.0 302");
header("Location: $ref");
}
else {
/* This doesn't work for some reason */
header("Content-Type: image/gif");
@readfile("$file");
}
?>

What this will do is automatically img src a hotlinkers entire site. Obviously you need to add < before the first ? mark

Enjoy..

Thanks we'll try that :thumbsup

sweeeeeeet

hehe nice but it is illegal to do that though :)

When you test the code, it does not appear to work.. funny thing is keep checking the image source properties

A hotlinker has more rights then the server owner?

Definately a backwards society

oh but it's legal for them to hotlink you to start with right? What? the site you img src is gonna report you to authorities for what? doing to them what they're doing to you?

Exactly..

Well we don't live in a society that allows us to do ourselves justice. The cops and the courts are here for that.

Technically, yeah he can sue you.

I would love to see a hotlinker take someone to court.. lol

just replace the hotmilnk image with somthing creative!

.. hmmm

RewriteRule ^(.*)\.gif$ /punisher.php?file=$1.gif [L]

That bit is the only bit that I find a bit wrong, what if someone is hotlinking say x.com/images/x.jpg

Would it not try to access x.com/images/punisher.php?

Correct me if i'm wrong it looks like a great script and I can't programme for shit just trying to clear this up :)

You obviously can customize as needed

But that doesn't work with Mozilla! :( Mozilla can still see hotlinked images!

jDoG

You look at the image properties?

It does work with people using IE, I'm not able to load the image on www.jdogsbitches.com from the other domain gallys.ezfreeporn.net but in Mozilla it will allow me to do it!

This is the hard part of referrer based hotlink protection! And that is what the hard part of hotlinking movies is, that WMP opens them with no referer at all! :( Just my :2 cents: But it is good code for any of you out there!

jDoG

No, I know it works for IE, but every browser carries referer's differently!

jDoG

Let me look at what is wrong here, becasue I had it working fine with zilla and IE

Referer based is totally weird but it does work with zilla for some things! Like fusker it works!

jDoG

Don't do anything illegal, just redirect his hotlinking traffic to your sponsor. Much more productive :thumbsup

See Sig :drinkup

That is a dangerous piece of code. What if I request:

http://hostname/punisher.php?file=/etc/passwd

You guessed it! I can see all the valid users on your system. There are many other files I can see also.

Please don't use this code!!!

You should sanitize the vars before using them, or else you might get hacked :(

If I hadn't seen the code, it wouldn't be as easy to snoop your system. But smart hackers/crackers will test a bunch of stuff to see what works.

I hope everyone understands how serious this can be!

I'd edit this post Mojo and remove the code before others use it.