This post is not about protecting images against hotlinking, it's about protecting your downloads against hotlinking.
Problem
If you've been reading this blog you might have noticed I published some wordpress plugins, patches and an xml sitemap module for pligg. Sometimes other people write posts about my patches but instead of linking to my posts they link directly to the download. This creates a series of problems: people might miss important information about the download, page rank is uselessly transferred to a zip, tar.gz, or .patch file, and you're basically serving content for other people's posts while they rip all the benefits.
Solution
So here's an easy way to avoid it. Well you can't really avoid it but you can benefit from it. All you have to do is set up a .htaccess file in your wp-content/upload directory ( that's where downloads are storred by default, feel free to change the location if you're using something else.
This .htaccess file will check the referer of every request on any file in that folder and if the referer doesn't match your domain it will redirect the visitor the search page on your blog with the search term set to the name of the file they wanted to download. most of the time this search will show as the first result the post where you published.
Here's how the file looks on my blog:
RewriteEngine On RewriteBase /wp-content/uploads/ RewriteCond %{HTTP_REFERER} !(www\.)?patchlog.com [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule ([^\/]+)$ http://patchlog.com/index.php?s=$1 [R=permanent,L]
Pretty simple huh?
What about the SEO profits?
As you can see the last rule redirects using a permanent redirect and this means google will transfer page rank to the search page.
Other solutions?
This method is good because it's really easy to implement, but I would like a method that would redirect the visitor directly to the post page instead of the search page. I'm hoping the wordpress download monitor plugin that I'm using will at some point implement an advanced hotlink protection method but until then or until I find time to do it myself this is good enough.
This isn’t a perfect solution. What is with the users with disabled referrers? And no, a referrer isn’t a requirement in the world wide web. Include a second condition for an empty referrer and it’s really better š
Well nothing is perfect anyway š
How many users do you think have the referrer disabled ?
Anyway I updated the code to include the extra condition for them.
Thanks
Not enough, but it’s growing š
what else does it need ?