Hey guys, I have a wordpress blog that is a using excessive bandwidth, over a gigabyte a day. Is there reasons I shouldn’t prevent hotlinking? Is the following a good way to do it?
I don’t want to affect anything about my blog negatively or somehow mess up wordpress with this htaccess, which I doubt would happen?
Would you guys suggest doing anything differently in my situation? The htaccess method is the only way I am aware of, since last I ran into this issue many years ago.
If you want to do the work, IMHO there is a better way. The htaccess rules you posted can be circumvented by someone simply by turning off Referer or spoofing Google.
Protected Images go into a folder outside of the public root folder, no direct HTTP requests possible
Pages with image links set a SESSION (or maybe a CONSTANT ?)
Image links point to - OR - htaccess rewrites requests for images to
a script file that checks the SESSION and if OK fopen()s the image returning it with appropriate headers
if not OK, display broken image or a custom default
I guess the biggest problem area might be setting SESSION on all your pages.
Pages could still be scraped, but it would prevent all hot-linking.
Are you certain the images are the main culprit? Maybe you should look into flood control.