January 20, 2011
Hotlinking – The Newest Trend in Bandwidth Theft
Website owners soon discover that maintaining and securing online ventures is often more challenging than initially anticipated. Not only is the primary focus centered on generating traffic, publishing current content, and attracting new visitors, but also taking proactive steps to protect valuable resources. While cyber thieves often hijack website content snatching open source code, harvesting e-mail addresses and stealing customers’ credit card information, more tech savvy culprits steal bandwidth by the unethical and illegal act of hotlinking.
What is Hotlinking?
Hotlinking is also referred to as inline linking and remote linking. In practical terms, hotlinking is when another person takes the liberty to “borrow” your images and/or other media files, and proceeds to embed the content directly into their website, usually without your permission. Many website owners don’t realize that content from their website is being embedded in other websites until noticing a significant increase in monthly bandwidth usage reports that can’t be explained.
Unexplained Bandwidth Usage
If you’re web host panel reflects an increase in bandwidth usage, however, your website doesn’t typically generate heavy traffic and you can’t find the source of the bandwidth leakage, then hotlinking may be the virtual parasite that’s sucking up your bandwidth.
Instead of a webmaster doing the ethical thing by saving a desired image or video, and then posting it to a personal blog or website, the webmaster links the content, or embeds it using source code, pulling it from the original content’s server. When the images or video are loaded each time the page is viewed, the webpage with the embedded links generates massive amounts of bandwidth to be unnoticeably embezzled, often to the point a web hosting service suspends accounts for exceeding allocated bandwidth usage.
If you’re not very familiar with hotlinking or embedding images or other media content, then discovering the leak may prove to be a complicated task. In order to understand how thieves can steal bandwidth by hotlinking, it’s essential that you understand enough basic HTML code to know what to look for when investigating bandwidth leakage.
If you suspect you’re a victim of bandwidth theft via hotlinking begin your investigation by logging into your dedicated server and review referral logs for the images on your website. Follow-up on referrals found in the logs and carefully view the source code of potential offending websites. If you find IMG tags in the code directing visitors to your website, then your bandwidth is being used without your permission.
An example tag would appear as: <img src=”http://www.hotlinkingiswrong/stolen-image.jpg>
How to Combat Hotlinking
Perhaps the most obvious first step to stop others from stealing your bandwidth by hotlinking is to copyright the content on your website. There are laws against copyright infringement such as the Digital Millennium Copyright Act.
You may also try to nicely ask the offending webmaster to either delete the content, or with your permission, download the image to their hard drive and then upload and link the content to their website using their own bandwidth.
If being nice doesn’t work consider the following tips:
- Rename your original file; doing so gives the hotlinker a broken link.
- Replace the file with an unpleasant file in hopes of repulsing the hotlinking thieve.
- Replace the file with an informative message that hotlinking isn’t permitted.
- Exchange the hotlink with an advertisement to your own website.
- Contact the hotlinker’s web hosting service and send a copyright and/or terms of service abuse report – best case scenario the hotlinker’s site will be deactivated.
- For websites supported by Apache web servers, utilize the feature that allows you to block images from being illegally embedded without your authorization.
Categories: Security Issues |
Tags: cyber thieves,
hijack website content,
steal bandwidth,
hotlinking,
inline linking,
remote linking,
bandwidth theft,
Digital Millennium Copyright Act
Post comment: