educational

Protecting Your Content

Michael Ludwick
I believe that if someone pulls an image off of your server, plants it on his, and then displays it, that he is breaking the law. But if a user posts the URL to your image in a chat room, USENET Group or BBS of some sort, it is the webmaster of the content that is at fault.

You are in control of how your content is displayed. If it is being abused it is your fault. New webmasters often threaten legal action over this form of piracy, but if you leave the bank vault door open, don't be surprised if all of your money is gone in the morning.

On most http servers there is a way to prevent serving your content to off-site URLs, for example, posting my.site.com/dirtypic.jpg to chatroomxxx.com/sexychat.html. You can stop this by reading your web server docs. If it's your ISP's web server it's that much easier to tell him what to do. If it's your own web server, then you must do something about the situation yourself.

In order to protect your content from hot-linking under Apache, you first need to have mod_rewrite enabled (either compiled in, or linked dynamically), and then you need to add the following to your .htaccess file:

[CODE] RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://.*(chatropolis.com|interfun.net|XXX.XX.XXX.XX).*$ [NC] RewriteRule .*.(gif|jpg|GIF|JPG)$ /images/can_not_display_image.jpg [/CODE]

This is what we do at Chatropolis to prevent users of our service from stealing our bandwidth. The surfer will have to be reading the actual page on our site to see the image, or they will get a nasty image informing them of the theft.

Here is an explanation of the cryptic lines in the config code above: The first line turns on the rewriting for this config. The second and third lines specify conditions under which the rule will match – in this case if the referrer isn't blank and doesn't contain "chatropolis.com", "interfun.net", or "XXX.XX.XXXX.XX" (case insensitive because of [NC]). The last line specifies a regexp to do the actual rewriting. In this case, any URL with gif or jpg gets rewritten to read /images/can_not_display_image.jpg.

I assume that if you are not using Apache that the process should be somewhat similar for your server. If it is impossible to do with your server, then it's time to think about changing servers – at least if you plan on staying in any type of web site-based business for long.

For a UNIX pro, implementing this protection takes a few minutes. For a novice, it might take a few hours of getting to know your server, but when finished, you will have fixed a potential problem forever, and there is something about knowing it's fixed forever that will make you sleep better.

Alternatively, many webmasters put a small unobtrusive image stamp on their content, and get literally 1000's of dollars of advertising for free. A webmaster that does this has even reported that our users convert like crazy, and while I don't know how true that is, the free advertising can't hurt.

The moral of the story is that you're responsible for your content, and once you hear that horrible word "Retainer" from your lawyer, spending a little amount of time to improve content security will look a lot more attractive. So if you don't want to leave the vault open, take my advice and close it yourself, or take advantage of the advertising. The worst thing that you could do is nothing, because on top of losing money, you will not make any extra from the hard work of unscrupulous users.

This article was written with the technical help of Pedro Margate our Sysad at Chatropolis.com. You can check out Pedro at www.terrapodsoftware.com.

More Articles

opinion

When the Government Comes Knocking

J. D. Obenberger ·
opinion

Privacy Notices Shouldn’t Be Treated as an Afterthought

Corey D. Silverstein ·
opinion

Legal Issues Pop Up When Filming Sex in Public

Lawrence G. Walters ·
opinion

The Importance of Patents in the Sex Tech Industry

Maxine Lynn ·
trends

The European Legal Scene: Challenges, Opportunities in 2017

Stephen Yagielowicz ·
opinion

Will Your Business Need a Data Protection Officer?

Chad Anderson ·
opinion

A Legal Primer to Help Develop Explicit Brands Previously Off Limits

Lawrence G. Walters ·
opinion

Preventing Data Breaches Staves Off Big Legal Claims

Chad Anderson ·
opinion

Trademark Ruling a Victory for Adult Products, Services

Marc Randazza ·
opinion

Data Privacy Is Tightening Up in the E.U.

Chad Anderson ·
Show More