Site Navigation
Harry's Place Business Site Tools Articles Change Colour
Diary
Almost a blog
Other Sites
www.uklug.co.uk The Banana Tree HR-XML Builder Check PageRank NDT Training Tandem Canada Luton Solicitors

If you are color blind try the Color chooser Color chooser Color chooser

What is Bandwidth theft.

Banidwidth theft is where a website owner will steal bandwidth from your site without your consent. Wasn't that stating the obvious! Yes it was and I did it because some people don't think that this is possible and there are the ignorant webmasters who don't realise they are doing it. I will demonstrate a few mehtods used and some ways of circumventing it.

Image Theft

This is by far the most common method used. This is achieved by adding a full URL in an "<img>" tag. For instanse I have stole the image below from the W3C site. please note that you are allowed to do this with this image if your site is valid html. I have their consent to do this. I am pretending I don't

Valid XHTML 1.0!

To do this I used the following HTML 

          <p>
          <a href="http://validator.w3.org/check?uri=referer"><img
                   src="http://www.w3.org/Icons/valid-xhtml10"
                   alt="Valid XHTML 1.0!" height="31" width="88" /></a>
          </p>

as you can see I am using a different URL to this site. The image above could just as easily resided on your server or on the other side of the world. When the browser sees the URL it makes the request to the server that has the image and the server will send it to the browser. This uses the bandwidth on the server where the image is located. It appears as if the image belongs to the site you are viewing but this is not the case.

How to stop image theft

If you are using apache then this is easy. We need to call to arms one of the most powerful Apache modules mod_rewrite. This module is the swiss armay chain saw of the apache modules. If I add a .htaccess file to the root directory of the server then I can add the following simple rules to block any bandwidth theft of my png images. 

        RewriteEngine on
        RewriteBase /
        RewriteCond %{HTTP_REFERER} !^$
        RewriteCond %{HTTP_REFERER} !^http://(www\.)hjackson\..*$ [NC]
        RewriteRule ^.*\.png$ - [L]

Replacing the image

You can be nasty and replace the image but I advise against anything other than a message as to what is taking place. For instance I am going to try and link to an image on one of my sites that I know is protected by mod_rewrite.

UKlug Badger logo

You can see straight away that replacing the image with a message is an affective way to stop a bandwidth thief. I will leave it up to you to think of better messages to send. I would recommend something simlar to the one one above because it is reasonably informative. There is also the chance of provoking an attack if you get carried away so I would not recommend replacing the image with the infamous goatse. To replace the image I used the following. 

        RewriteEngine on
        RewriteBase /
        RewriteCond %{HTTP_REFERER} !^$
        RewriteCond %{HTTP_REFERER} !^http://www\.uklug\.co\.uk.*$ [NC]
        RewriteRule ^.*\.(jpe?g|gif|png)$ pics/bwt\.png [L]