Many of our regular readers like to know more about lighttpd hotlink protection using mod_rewrite. Lighttpd can use HTTP referrer to detect hotlink and can be configured to partially protect hosted media from inline linking, usually by not serving the media or by serving a different file.
Lighttpd anti hotlinking configuration - redirect to another media
Open lighttpd.conf configuration file:
# vi /etc/lighttpd/lighttpd.conf
Append the following directive to redirect to a default picture called /hotlink.png:
$HTTP["referer"] =~ ".*BADDOMAIN\.com.*|.*IMAGESUCKERDOMAIN\.com.*|.*blogspot\.com.*" {
url.rewrite = ("(?i)(/.*\.(jpe?g|png))$" => "/hotlink.png" )
}So if anyone from *.blogspot.com linked www.cyberciti.biz/image.png it will be replaced with www.cyberciti.biz/hotlink.png. I've written small script to detect excessive hotlink from log file and ban all those domains. Most types of electronic media can be redirected this way, including video files, music files, and animations etc.
Related: Apache web server user can stop leechers using mod_rewrite / .htaccess rules.
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012

- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop












{ 3 comments… read them below or add one }
Hello Vivek!
Thank you very much for this entry.
You could copy the script for autoban domains with excessive hotlinking?
Thank you for this great piece of coding, however after hours of playing and testing I still can’t get something to work. Instead of rewriting in this example to hotlink.png, is there a way to rewrite to an html file? Yes I tried simply replacing the hotlink.png with hotlnk.html and it did not work.
Sorry to bump an old post, but this is perfect for what I need.
Thanks,
Anthony
I think you mean leechers, lechers are another thing entirely. But good article, and I hope to detect and log hotlinks on my domains shortly…