If you run a web site, you probably see this occasionally as well people use your Files and Images, and
instead of copying them over to their own servers they simply hotlink to your server. Now I don't mind it
when people use my Files and Images, nothing really worth protecting here. But I don't like it when they
start stealing my Bandwidth and Spamming my Access Logs.
So far it has been mostly forums. That's annoying of course, but people posting in these forums simply
don't know better and there aren't many hits anyway. Today however I saw that a particular Italian site
published news on the Ad block Plus 0.7.5 release and simply hot linked to the image from my first page. This
created over a thousand hits in my access logs on just one day. Too bad for them because I reconfigured my
web server now to redirect these requests to this little gem courtesy of hetemeel.com. I wonder how long it
will take them to notice this.
And that's the interesting part about hot
linking if you hotlink to files and images on another server
there is no guarantee that these Files and Images won't change. John McCain had to learn it the hard way by
involuntary changing his opinion on gay marriage. It is defacement but in this case it isn't even illegal
since you are allowed to do with your content whatever you want.
But that isn't all of it. As pdp notes over in his blog, you can use sites hotlinking
to you for running attacks on other web servers. You can redirect your images to any address you want, and
all visitors of the hotlinking site will request this address. You could run Denial-of-Service attacks or
SQL injection, and the address of your web site will not even be visible in the logs of the site being attacked.
So, if you decide to use other people's content like files, images, scripts or styles
upload them to your server so you are sure they won't change. When you are hot
linking you never know what will be on the other end of the link tomorrow.
WLADIMIR PALANT |
