Anti Leeching Methods

Definition

Bandwidth stealing ('leeching') is a recurring problem within Indymedia. It usually happens when new IMCs are setup or web sites are revamped completely and sysadmins forget to think about possible negative side effects of open multimedia posting.

Problem

Every IMC setting up an image, audio or video (or any other big files) upload facility should make sure that their (often donated) bandwidth is not abused by people who upload their files at Indymedia just to provide them to visitors of their web site which may be totally unrelated to Indymedia.

Solution

To do so, provided that the mod_rewrite Apache module is active, the sysdamin can place a .htaccess file similar to this into the uppermost web-accessible directory ('web root') of the media server. This file will restrict direct access to media files to a whitelist of certain web sites, defined by you.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?perthimc\.asn\.au [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?perth\.indymedia\.org [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://([.-a-zA-Z0-9]+\.)?indymedia\.org [NC]
RewriteCond %{REQUEST_URI} !^/no.jpg [NC]
RewriteRule \.(gif|jpg|jpeg|png|tif|tiff|bmp)$ http://perth.indymedia.org/noleech.jpg [R,NC]
RewriteRule \.(mpg|mpeg|avi)$ http://perth.indymedia.org/noleech.avi [R,NC]
RewriteRule \.(wmv|wma)$ http://perth.indymedia.org/noleech.wmv [R,NC]
RewriteRule \.(ram|ra|rm)$ http://perth.indymedia.org/noleech.ram [R,NC]
RewriteRule \.(ogg|ogm|wav|mp3)$ http://perth.indymedia.org/noleech.wav [R,NC]

Please keep in mind that this is an example which you need to modify to make it work for your IMC.

The lines similar to

RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?perthimc\.asn\.au [NC]

define web sites which may access the media directly. Everything behind !^ is a regular expression. Be sure to to include all friendly URLs, i.e. all possible URLs of all the IMCs allowed to link directly to the media on your media server.

On the other hand, the lines similar to

RewriteRule \.(gif|jpg|jpeg|png|tif|tiff|bmp)$ http://perth.indymedia.org/noleech.jpg [R,NC]

define where abusive links for the given file types are redirected to. You should use fully qualified URLs here.

The http://perth.indymedia.org/noleech.jpg in this example is just a blank file (at least it was by the time of writing). It could alternatively be an image that says

Directly referring media on this Indymedia web site is not allowed. Please link the relevant articles on our web site instead.

For other media types you will need to provide additional files giving the error message (like noleech.avi, noleech.wav etc.).

Extending the whitelist

Maybe you want to add other external web sites which you consider friendly, too. For example:

RewriteCond %{HTTP_REFERER} !^http(s)?://images.google\. [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?altavista\.com/video [NC]

These rules have not been tested.

Limits

Please note that these rules will only make it more difficult to steal your bandwidth, however they can be bypassed quite easily.

Also, people who turn off sending referrer info in their browser (for privacy reasons) may have trouble accessing media on your site.

Other resources

You can find many in-depth articles with much better solutions by using search engines. Good search terms are bandwidth stealing, leeching, link abuse, (image OR media OR video) AND hotlinking.

I also came across a good article at alistapart.com.

Credits

The article you are currently reading is based on an IMC Tech mailing list post by Shayne.

-- AlsteR - 23 Feb 2005