Auto-HotLink

Dynamic Hot-Link Image Generator..

Consider This..

Although a hot-linked1 image is bandwidth-theft, it does present us with an unusual opportunity - that of being able to alter the content of other web sites.

Think about it; by using a dynamic, generated hot-link image, you can take control of THEIR content, and change what THEIR visitors see, even what they read. At least until the offending webmaster sees the error of his ways, something which often takes an astoundingly long time.2

By using a dynamic image, with the potential to overlay text or whatever you like onto that image, you can transform this bandwidth theft into instant compensation; a dynamically generated advert for your web site. How often does someone offer you free advertising space?

Sending these requests to /null or 403, or a daft "NO HOT-LINKING" image, is a crazy, wasted opportunity. Even the image that reads "NO HOT-LINKING", has, of course, been hot-linked. Doh! We want the joke to be on THEM!

Auto-HotLink enables you to make the most of this opportunity. You can import logos and other images, or generate images from scratch, and then overlay text onto that, and spit it out as png or jpeg. Keep their readers up-to-date with your latest promotions!

It's all quite basic, there's not much to it. Like most of the web-site spare parts™ here at the .org, it does one simple task, does it well. Also, it is FREE. You can set a few preferences to control the output, and that's about it. Installation and usage instructions below..



1. In case you don't know; a "hot-link" is when some webmasta, instead of *gasp* creating their own graphics, or even downloading and stealing yours, links directly to the image on your server! Not just design theft, but bandwidth theft, to boot! Wherever possible, genuine webmasters like to prevent this sort of thing.


2. This is partly to do with people being essentially lazy, and partly to do with browser caching. What's so amusing for webmasters who have their images stolen (my HUGE PayPal logo is currently a favourite, along with my rss logo (which is medoicre by any measurement) and Batch-Runner logo (this one, admittedly, is so good that I have more than once caught myself just gazing at it)), is that the scoundrel has no clue whatsoever that his theft has been effectively thwarted.

When he visited your site, his browser stored your lovely image in its cache, and there it remains, sometimes for a very long time. Mr. Hot-linker slaps the image onto his site, loads the page and sees the thing in all its glory. All his other visitors, of course, see your hot-link image, and may or may not think anything of it, except, of course again, your tld is now imprinted in their mind. Mission accomplished.

Sometimes they do spot it, and on more than one occasion I have been openly accused of "Hacking" web sites, which is double-plus amusing when they realize what really happened and have to openly wipe egg off their face. Ho-hum.


How it works..

When a request comes in for hot-linked resource, Auto-HotLink returns a dynamically generated image in its place.

The image can be generated from scratch, or imported on-the-fly. Either way, you can also lay text onto the image, even get clever and lay dynamic text on it, if that's your bag. A counter would be easily doable. Your domain name and current promotion might be a good idea.

Auto-Hotlink can generate a png or jpeg image. If you import a transparent png, it will be output that way, too. The image part is all very basic, no point getting too fancy, just to tell someone to bugger off, politely.

Auto-Hotlink finishes up by (optionally) logging the offending hit, so you know exactly who's stealing (or rather, advertising) what.


To use..

  • Drop Auto-HotLink.php into a decent text editor, set and save your preferences.

  • Upload Auto-HotLink.php into your site somewhere, for example, /err/Auto-HotLink.php.

  • In .htaccess, use mod_rewrite to rewrite image requests to Auto-HotLink.php, or whatever you called it..

    # In your root .htaccess
    
    # Enable mod_rewrite..
    Options +FollowSymlinks
    RewriteEngine on
    
    # hot-linking code..
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mydomain\. [nc]
    RewriteRule ^(.*)\.(gif|jpe?g|png)$ http://%{HTTP_HOST}/path/to/hotlink.php?url=$1.$2 [R,NC,L]
    

    the mod_rewrite code will catch the hot-linked requests, that is, requests for images from pages on other sites, and send them to Auto-HotLink.php, which spits out your hotlink image, instead. The "?url=$1.$2" part is optional, and enables us to log exactly what resource they were trying to snatch.*

    *We might later use this information inside auto-hotlink, to allow "good" referrers to pass-through to the real file.

    By the way, you could do that in .htaccess right now; simply copy the line with your domain in it, switching your domain name with the name of the allowed domain.

    NOTE: On some servers, you will need to specify the host, in other words, use "mydomain.com" instead of the %{HTTP_HOST}, above.

    For more info on .htaccess + mod_rewrite, see here:

    https://corz.org/server/tricks/htaccess2.php

Auto-Hot-Link is FREE!
Help Yourself..


You can view the php source code here..

php document icon, transparent

And a ready-to-go zip is right here..

click to see zip archive contents

LIVE MD5+SHA1 Multi-Hashes..
# made with checksum.. point-and-click hashing for windows. (64-bit edition) # from corz.org.. http://corz.org/windows/software/checksum/ # #md5#auto-hotlink-image-generator.zip#2014.06.04@10.35:08 c705d860716d6c223e200b5d1b9e8d20 *auto-hotlink-image-generator.zip

There you have it.

If the idea of free, albeit sometimes dubiously-placed advertising interests you, or you're simply tired of having your bandwidth stolen, this might be just what you are looking for. Even without the script, it is a neat idea; using your domain name as a hot-link image; something I shared on the aforementioned .htaccess pages a while back. I'll likely add something there, too. Or better yet, a link back to here.

Previous to Auto-HotLink, I used a wee "corz.org" logo, did the job well enough; an advert for the site. But having a simple framework to lay text on this image and alter that text on a whim, is going to be handy for future promotions, no doubt. At the time of writing, it simply reads..

we love corz.org!

Well, dontcha? smiley for :D

Have fun!

;o) corz.org

 Live version..

a corz.org hot-linked image, as seen from outside. The text folk see on THAT site, is up to YOU! This one reads, 'We love corz.org!'. Well, dotcha!

Feedback

If you have a question, feel free to leave a comment, below. I don't expect it to get too busy; Auto-Hot-Link usually just works.


Welcome to the comments facility!


Carlos - 04.06.14 11:50 am

Hi! This is a nice webpage I have been reading for a long time

I was wondering... I want the original image to be shown BUT with a text overlay... because I want people to share images from my site but I want them to display the webpage it comes from.

Is it possible with this? I have been messing with the code but still, no luck :(

Anyway, thanks for the awesome site!


That's a nice idea! Essentially turning Auto-Hotlink into an automatic watermarking script.

It's not that difficult to achieve. Rather than set some pre-defined image, you would need to work with the path supplied by the client, i.e. $_SERVER['REQUEST_URI'].

I like the idea so much, I've incorporated this functionality into the latest version of Auto-HotLink (with a simple preference switch controlling the whole thing), which you can download right now!

Thanks!

;o)



Marty - 03.03.15 2:11 pm

Its a cool idea or just do what I did and put a small watermark on all images uploaded to your server then if they steal them you get free advertisement that way too! My watermark is our web address so shazam!

If folk can get to your uploads, this is definitely a good idea. But no one can get to my (public) uploads.

Most of my own uploaded images are not only watermarked but infested with all sorts of interesting steganographic copyright-retaining data. ;o)



Frans - 23.10.16 4:55 pm

Hahaha, stumbled upon these pages and actually had fun reading them while learning a bit..

Thanks for a good laugh and really, keep up the good work! (bookmarking! ;-))


First, confirm that you are human by entering the code you see..

(if you find the code difficult to decipher, click it for a new one!)


gd verification image

 

Welcome to autoconfig.corz.org!

I'm always messing around with the back-end.. See a bug? Wait a minute and try again. Still see a bug? Mail Me!