Preventing hotlinking
March 22, 2006 4:34 AM   Subscribe

Is there an easy method for a non-tech guy to use in order to keep folks from right clicking on my site, or, if not that, an easy way to prevent pictures from being copied (getting properties) so as to prevent hotliniking?

I know some sites do this, but I need a quick and easy way to do it for my site, a way that does not entrail many extra steps.
I have gone to sites and found that some disable right clicking, or use a way that prevents copies being made, and I need to do this with my site since there is some amount of leeching going on.
posted by Postroad to Computers & Internet (23 answers total)
No, no, and yes.

The image url can be gotten by viewing the HTML source, no right-click needed.

Javascripts to capture right-click can be easily defeated a number of ways, including the right settings in Firefox.

Hotlinking however, can be defeated pretty easily, not by keeping the image urls secret, but by only serving the images if the referer string in the HTTP request is your page that includes the links (or just includes your domain). To do this, you need to configure your HTML server; you can find easy to follow instructions for doing this for the popular Apache server by Googling.
posted by orthogonality at 4:43 AM on March 22, 2006

I think you might need to be more specific about the meaning of "leeching" to get a good answer.

If you're serving up images at all then you have to be prepared for people to see those images and have local copies of them. Because even if you could stop right-clicking then the location of images is always visible in the source of an html page.. that's a good thing and is part of why the web works as an open medium.

But if "hotlinking" is your main problem in that people are displaying images hosted on your site from a page on another site, then there are steps you can take to prevent this like checking for referrers.
posted by bruceyeah at 4:50 AM on March 22, 2006

Anti-right-click scripts are a hassle for legitimate users and ineffective for anyone who's remotely technically inclined. A far more effective solution is to prevent hotlinking via your .htaccess file. A List Apart has a comprehensive guide, including some nice frills you may not need like gallery pages. Simpler .htaccess methods are available that don't call for the use of an extra PHP file. Really, all you have to do is drop the code in the Splintered link into a file named ".htaccess" and drop that file into the main directory of your server. Unless your web server isn't Apache and doesn't support .htaccess or mod_rewrite (highly unlikely to be the case these days), you're done.

If none of that made any sense, hopefully I or someone else can simplify further.
posted by chrominance at 4:50 AM on March 22, 2006

There is no way to prevent people from stealing your image if they really want to. If it's visible on screen, they can, at the very least, make a copy of it just by capturing the screen. So, if you're only interested in preventing hotlinking, that is easily done via .htaccess files. But you cannot keep people from stealing your pictures and hosting them on their own sites if they really want to.
posted by antifuse at 5:52 AM on March 22, 2006

I DON'T recommend this solution but using Flash galleries can make it substantially more difficult to steal images.

I *hate* Flash galleries so I think this is a *bad* solution but it is a solution.
posted by unSane at 5:57 AM on March 22, 2006

Of course, you can't prevent copies being made AND make your pictures publicly accessible. In the end, if someone can see your picture on their screen, they can take a screenshot and they've got it.

A tasteful visible watermark like this one is another idea.
posted by unSane at 5:59 AM on March 22, 2006

Yeah, use Flash if you want to stop the casual picture thief but perhaps annoy a few casuals page browser.

If you do use Flash, make the navigation as boring and obvious and HTML-like as possible, with giant buttons that say exactly what they do, because that's what everyone complains about when they look at Flash sites -- cool pictures but useless, confusing navigation.
posted by pracowity at 6:36 AM on March 22, 2006

what unSane said, if I were you Posty I'd use Flash and watermarking
posted by matteo at 8:35 AM on March 22, 2006

Postroad, I don't know who your webhost is, but some provide easy-to-use tools to prevent hotlinking.

I use Dreamhost, and on their web control panel there's an option to alter HTACCESS/WebDAV (I think those are the right terms) stuff so that certain file types cannot be linked from off-site. Also, from the same control panel, I can provide a list of sites from which hotlinking is okay.

I recently put a stop to hotlinking of images and mp3s at my site, not because I care if people copy them so much as all the incoming hotlinks were (a) draining bandwidth and (b) cluttering my statistics. People can still come to my site and download stuff, and that's fine; they just can't link directly from another site unless I put them on a white list.

Good luck!
posted by jdroth at 8:37 AM on March 22, 2006

Anti right click is VERY annoying when you're using Firefox with mouse gestures.
posted by crabintheocean at 8:44 AM on March 22, 2006

The anti-right click stuff used to drive me crazy when I used IE because on almost every link I would right click then open in a new window rather then simply clicking it. Sure, I could have setup IE to automatically open in a new window, but it wasn't something I thought about. I just thought "I want this in a new window" and my hand did it's thing.

If a website blocked right-click, I'd just leave.

In firefox, putting in a right-click handler does not disable the built in right-click handler. So their site would do whatever it wanted, then I'd get my own context menu. So it was just a little annoying, and didn't accomplish anything.
posted by delmoi at 8:49 AM on March 22, 2006

I would never visit a site again that had right-click blocked; that means i can't open up the links in another tab in firefox! I think that if someone dislikes their users that much, they need to reconsider putting anything on the web to begin with.
posted by luriete at 9:01 AM on March 22, 2006

Don't try to prevent copying of images. Keep 'em smallish and watermarked if you're really paranoid. Preventing copying is completely impossible (the image HAS to be downloaded to be viewed in the browser. Once it is, anyone that wants it can copy it, by a screen capture if necessary).

You can prevent hot linking, though, which has nothing to do with image stealing -- it's bandwidth stealing. To do it, add a rewrite condition using mod_rewrite to an .htaccess file in the directory where the images reside (or in the webroot, to apply to the whole web site).

If you're not using apache, you're on your own. Google apache hotlink and you get lots of recipes.
posted by teece at 9:02 AM on March 22, 2006

This is one way to disable right-clicking:

<script language=javascript>
function rcDisabled() {
if (event.button==2) {
alert('Sorry, no right-clicking allowed.');
return false;

delmoi, in IE if you want to open a link in a new window you can also hold down the shift key while clicking on the link.
posted by ducksauce at 9:31 AM on March 22, 2006

I hate posting code to Metafilter... the pre tag destroys everything and nonbreaking spaces are ignored.
posted by ducksauce at 9:32 AM on March 22, 2006

PostRoad, are you talking about the site in your profile? I'm assuming that you've copied most of your images from elsewhere by right-clicking and saving, albeit with credit so the only issue you really want to address is to not allow hotlinking surely?
posted by ceri richard at 10:01 AM on March 22, 2006

The simplest way be to mack the images BACKGROUND images in a TABLE cell with CSS.
posted by tkchrist at 10:02 AM on March 22, 2006

I would never visit a site again that had right-click blocked; that means i can't open up the links in another tab in firefox!

If you have a middle mouse button/clicky scroll wheel, you can use that to open in a new tab. I have the tab mix plus extension, so it might be that, but I think it works without it.

The simplest way be to mack the images BACKGROUND images in a TABLE cell with CSS.

So they view source and crack open your css to get the image url..?
posted by juv3nal at 11:11 AM on March 22, 2006

Don't forget that a lot of the fancy Javascript tricks are easily defeated. And a lot of the "anti-theft" tricks that work against Windows users are totally useless on the Mac.

Safari is a great pr0n browser.
posted by drstein at 12:05 PM on March 22, 2006

There's no simple way to do it, as others have said. The only foolproof method is the .htaccess method, which you'll need to talk to your ISP about if you're not very technical.

But one method nobody's mentioned before would be, when you find someone doing it, to just copy your "image.jpg" to "image2.jpg", change your HTML to refer to "image2.jpg", and change "image.jpg" to a big red notice which reads "STOP STEALING MY FUCKING BANDWIDTH!!!".

Do that a few times and they might get the message.
posted by AmbroseChapel at 12:20 PM on March 22, 2006

Please don't stop right clicking. I right click all the time (not to copy images) and sites that (attempt to) block it are aggravating as hell. It'll make me want to leave your site, for good.
posted by knave at 12:32 PM on March 22, 2006

Don't bother. There is no way of doing it. If the picture is on the screen, it can be captured. That's the end of the story.

Anyway everything on the internets is free, right?
posted by ajp at 3:58 AM on March 23, 2006

« Older How to become literate in home recording   |   Are yeasts nocturnal beasties? Newer »
This thread is closed to new comments.