After my recent move to HostMediaUK I've been able to see more in depth statistics about one of my sites, including traffic and data usage. This also includes having visibility of other domains that are linking directly to my content. This is popularly known as hot linking, and if you haven't asked permission is considered very impolite.

This also uses up your servers bandwidth rather than theirs. This article explores how I use a URL access file, either .htaccess of http.ini depending on your platform, to stop other domains from linking directly to your hosted resources.

The first caveat of this article is that you must be using a URL rewriting application layer of some kind. This can be Linux or Windows based, it doesn't really matter.

We are going to create a series of Regular expressions to block other domains having access to our files. At the same time we are going to allow certain exceptions such as search engines and emails.

I am using .htaccess re-writing so my example below is based on the syntax for that, but the principle is the same. There are a few checks to run through to ensure each condition is met.

• The referer is not blank (no value)
• The referer is not the current site
• The referer is not an image search bot
• The referer is not an email client
• The user agent is not a search engine bot indexer
• The image in question must be a gif, jpeg, jpg, png, bmp, swf
• If all those conditions are matched then redirect to a 403 forbidden page

The two key pieces of information in the example above are the 'thisDomain' value, which is the domain you want to protect. The second is the last line where you list each of the file formats you want to protect and the place you want the denied request to go to. In this example a 403.cfm file. You could put in an image URL here instead if you were more concerned about hot linking images.