Protection against Bandwidth Stealing



I don't know, I never heared about, what is it? Similarly I also thought, when I heared it the first time. I worried sometimes then nevertheless more about it when I checked my log files more in depth and stated that a file was called more often than plausibly.

What had happened? A Webmaster had merged this file into his homepage. He had not simply copied it, he putted a Link on my file in his code and for the visitor of his homepage it looks in such a way, as if the file was located on his Web space.

There are different possibilities, to protect ones files against so a theft, which sometimes costs even still money, since the other Web master generates Traffic on another Web space and then with exceeding of the contractually agreed volumes of data the robbed one has to pay.

I would like to describe here a simple possibility, which can be used by nearly all Web masters. It works only, if the Web space lies on an Apache server, but these are used by nearly all providers.Diebstahlshinweis

Who established already once password-protected pages on his homepage knows already the file .htaccess. This file has however still further abilities. One of it is to check, whether the requirement of a file comes from the own Web space, or by a foreign one. If the call does not come from the assigned Web space, then either the file is not shown (a red X appears) or a replacement-pic. I use for this purpose the Gif on the left and who links to files on my Web space in the way:

<img src="http://www.ulliswelt.com/dateien/htm/barcelona/PICT2870.JPG" alt="" border="0">

sees only this picture. It is is realized by the following file the .htaccess

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?ulliswelt.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?tanjaswelt.com/.*$ [NC]
RewriteRule \.(gif|jpg|GIF|JPG|pdf|PDF)$ http://www.ulliswelt.com/dateien/pics/diebstahl.gif [R,L]



In the 3rd row you have to name your URL instead of UllisWelt.

The 4th row is optional and in this case it permits the Web space of TanjasWelt to use files from my Web space too. Who has pictures e.g. for a postcard server, the URL of the server can be indicate here. You may use more rows for more permissions.

Who the 4th row omits, permits nobody to include files from this Web space into his.

Who does not want to transfer a picture, although the size of my GIF is only 3 kB, should replace the last row with:

RewriteRule \.(gif|jpg)$ - [F]

This creates a red X.


The expression in the round brackets is crucially, to define the kind of files which can be protected. The expression can be easily extended, e.g.: (GIF|jpg|GIF|JPG|pdf|Pdf|png|Png).

DThe file can be provided and stored relatively simply with an ASCII-Editor, i.e. Notepad. Who has problems to store the file named .htaccess, it can be stored under any name and then renamed to .htaccess with the Explorer.

An other way ist to open a DOS-session and enter:

Copy con .htaccess

and than the text of the file. At the end you have to enter ctrl+z to store the file and close it.

The file must be stored in the root directory of the Web space (where normally also the Index.htm(l) is located).

Who wants to learn more about the .htaccess, this Link fleads to the documentation of Apache.org.

To be continued soon



© Ulrich Hoffmann 2003