Image Siphoning Fun

Image siphoning seems rather common. That is, people referencing images on your server via an absolute URL. Using your bandwidth. Often, a referrer check shows the culprit. Ah yes. They’ve used a CSS example I posted a long time ago. That’s cool — but they’ve changed the relative URLs in the example to absolute URLs instead of copying the images to their own servers. Not cool at all.

before and afterThere are several ways to prevent this, or deal with it after the fact. There are times when I like to have fun with it, swapping the image being siphoned with something a little more humorous (Figure 1). The fun part is seeing how long it takes for the offending site owners to notice and make the change.

Depending on the size of the image being “borrowed”, you could get even more malicious with the image that you replace. I’m not advocating that, but encourage something harmless, yet funny to get the point across.

This technique is nothing new, just something I was (unfortunately) reminded of this morning while checking a referrer gone wild. If in fact the culprit likes your modified image, then well… you haven’t solved the bandwidth issue at all.

Update: To avoid confusion, my solution of just replacing the image with a new one would probably not be optimal for most (for instance, if you’d like to still use the same image by the same filename). Be sure to check the comments for “hotlinking” fixes that don’t require replacing the image.

38 Comments

  1. Matt says:

    It may be a little more noticeable if you use a bitmap font and say something “This image belongs to Dan C”.

  2. Brett says:

    Perhaps you can offer up a link to said technique for those who, like me, have a good idea what you’re getting at, but aren’t quite sure where to start?
    I like the frowny-face!

  3. Matt – That would certainly be ideal. In this particular case, I was limited to 13×6 pixel image. So, I had to get somewhat creative.
    Brett – The technique is nothing more than replacing the image that’s being referenced with something else (maintaining the same filename). There are better ways of blocking image access from foreign servers… I’m hoping someone may mention those in the comments.

  4. web says:

    Yes I had this same problem .. but the photo I chose wasn’t so “innocent”
    It was very easy to do with an .htaccess file ..
    I think this is also known as “hot linking.”

  5. Brett says:

    Ahh yes. I thought you used a form of fancy referer checking I was unaware of. Thanks!

  6. I ran in to this problem lately also. A List Apart published a good article on this subject a while back.

  7. Mike P. says:

    Geez Dan, Doug was only doing it for April fools day ;-)

  8. I was watching TV late one night and this crazy commerical comes on for “Referrers gone wild”. Needless to say I ordered the VHS for $17.95 (not including shipping) right away. What is cool is they threw in “Tables gone wild” for free because I ordered at 4am. Saweet!
    Seriously though, I’ve done the same thing with the image swapping. It’s fun, but make sure you’re not a goober and you make an image that is bigger (in bytes) than the original ;)

  9. Actually the screenshot looks better with the frowny face. ^__^
    Dan: You could do an animated GIF. Make the frowny face blink several times then scroll the text “This image belongs to Dan Cederholm of http://www.simplebits.com” and loop forever.

  10. matt says:

    Dan,
    Information on using apache’s mod_rewrite to prohibit image linking can be found at http://corz.org/serv/tricks/htaccess2.php under the heading “Prevent Hot Linking.”

  11. matt says:

    And there’s also an article about this at A List Apart Smarter Image Hotlinking Prevention.
    Matt

  12. Bryan says:

    When reviewing referral logs, what would you look for to find a culprit who is doing this?

  13. Eric says:

    Isn’t it still your bandwidth, frowny-face or arrow?

  14. Eric says:

    Yeah, no, nevermind, I’m an idiot. The leech would supposedly take it down when it’s not the image they want anymore. Hellooooo reading comprehension!

  15. escapist says:

    I still LOVE what John Serris did when Photo Phunk got ripped:
    http://phonophunk.phreakin.com/news/?p=40

  16. JB says:

    Yeh theres the htaccess route, and at one point I’ve whipped up a PHP script that puts a watermark on the image, or can replace the image completely with another image that says that the image requested cannot be linked to externally.
    I’ll try to dig up that old script and post it.

  17. Anton Olsen says:

    I finally got around to adding a rewrite for this purpose to my site. I got tired of people stealing the thumbnails off my blog.
    The image is redirected to hotlink.gif which simply says lr2.com/hot. I’ve also considered redirecting to a php script that sends the gif at one byte per second, but that might be too cruel.

  18. tom sherman says:

    Re: comment #6… I took the PHP+htaccess approach outlined in the ALA article and used SHTML instead. (Truth be told, I’m a little sick of folks assuming that every web author knows/likes/uses PHP. My simple CMS scheme uses SSI. I don’t want to deal with PHP–and I know others don’t want to either.)
    Anyway, here’s my anti-hotlinking article.

  19. Kevin Tamura says:

    I think you should take them out Marv style with a little razor wire, hack saw and … um sorry i forgot myself. I enjoy just making the graphic as anoying as possible adn waiting to see how long it takes for them to change.

  20. I’ve been getting trackback spam, so I’m thinking of using a hotlink approach to make sure that whoever is sending the trackback actually exists. It’s like checking to see that your domain is requesting the image, I guess.

  21. Awacate says:

    Hello! I had the same problema. I’ve seen some links here, and I’m going to put mine. :-) Perhaps this could be also useful for you.
    http://solutionscripts.com/cgi-bin/users_know/know.cgi/misc/hot_linking.html

  22. I recently swapped an image being stolen with another version that was a 1px wide by 4000 pixel high gif. The file was very small in size, so I saved on bandwidth as compared to the original. The best thing about this method, was that it pushed the offenders content 4000 pixels down!

  23. Simon Jessey says:

    Bizarrely, I wrote an article about hotlinking just a few days ago. A number of different techniques (all using .htaccess) are offered.

  24. Working for a newspaper we have had to do this a few times when people were linking to images of bands that had passed through town and we did artices on them. It is by far the most effective method for making them stop.

  25. Oliver says:

    Malicious you say? :D

  26. Kate says:

    But it’s a right of all website owners around the world to be malicious when replacing images!
    I mean, isn’t that what all that porn on the internet is for?

  27. Ben says:

    I remember what happened a few years ago when someone on a forum tried to hotlink an image from somethingawful.com.
    They lived up to their URL, shall we say.

  28. I’ve had the misfortune of Livejournel/Xanga/et cetera users having this “cute” habit of hotlinking >300kB desktop wallpapers for their blog background.
    The more malicious way to get one’s point across with a bit of mod_rewrite magic did work a treat though. :D

  29. Just recently I stepped on leechers’ throats too. At first I was sniffing out referrers, but then a couple of Blogline subscribers pointed out they saw the anti-leeching image too, so I had to switch to a home-grown blacklist.

  30. The avid slashdot reader will have immediately thought “Ah, http://goatse.cx here I come”
    You could be damned sure that image siphoning would stop in no time.
    (I didn’t put a link in there, because I didn’t want anyone clicking on it, just in case it’s still online.)

  31. Mikey says:

    Or you could use it as an opportunity for advertising…LOL! Replace ti with an image w/ your URL on it and everyone will be wondering what this mystery site is popping up everywhere. Also it will rat out the web designer when his boss see’s that he’s been just stealing ideas and code from other places and getting paid top dollar for it.

  32. tom sherman says:

    Re #31: I used to put up an image that said “UNDERSCOREBLEACH.NET IS BETTER THAN THIS WEBSITE.” Egh.

  33. Mikey says:

    Re #32: Yea, that is the perfect idea. Especially if it’s a corporate company that gets exposure. Every little bit helps. ‘m having the hardest time networking and getting people to visit my site.

  34. tom sherman says:

    Well I just went! Haha.

  35. A funny read… I just stumbled upon you blog today… Keep on writing its awesome.

  36. This is one of my biggest frustrations. I’ve been using the image swap technique for a few years now (when I have time). For me the biggest culprits are people posting to forums. However, when the offending person happens to not specifiy image height and width, that’s when I get to have some real fun. I’ll change the graphic to whatever I have to (sometimes something vulgar, unless it’s a family oriented site), and presto, problem solved in a day or two.

  37. P.J. Onori says:

    I’d had a horrible time with this problem. I used to do illustrations which I would obviously display on the internet. Unfortunately, a large block of my bandwidth would be taken up by teenage girls hotlinking them to their livejournals. It got so bad I had to take them off my servery and it made me seriously question my illustration style since I felt link the N’Sync of the illustration world.
    There were plenty of times where I was highly tempted to swap the image with something less relevant or perhaps appropriate but I would almost always decide otherwise.
    If they ever come up with a simple method for fixing this, I’ll be all over it.

  38. Larry Lyons says:

    A friend of mine is a professional artist and had an online portfolio up on his site. A fair number of his images got siphoned on a regular basis. He’d replace the image with something he downloaded from one pics.erotic news groups, slowly replacing more of the original image each day. It usually did not take more that 3 or 4 days to the siphoner to stop.
    Perhaps combined with mod-rewrite you could automate this.
    larry