Lighttpd mod_rewrite Hotlink Protection To Display Image Message

in Categories Apache, lighttpd, Linux, Networking, RedHat/Fedora Linux, Security, Tuning, UNIX last updated June 12, 2008

Many of our regular readers like to know more about lighttpd hotlink protection using mod_rewrite. Lighttpd can use HTTP referrer to detect hotlink and can be configured to partially protect hosted media from inline linking, usually by not serving the media or by serving a different file.

Lighttpd anti hotlinking configuration – redirect to another media

Open lighttpd.conf configuration file:
# vi /etc/lighttpd/lighttpd.conf
Append the following directive to redirect to a default picture called /hotlink.png:

$HTTP["referer"] =~ ".*BADDOMAIN\.com.*|.*IMAGESUCKERDOMAIN\.com.*|.*blogspot\.com.*" {
  url.rewrite = ("(?i)(/.*\.(jpe?g|png))$" => "/hotlink.png" )

So if anyone from * linked it will be replaced with I’ve written small script to detect excessive hotlink from log file and ban all those domains. Most types of electronic media can be redirected this way, including video files, music files, and animations etc.

Related: Apache web server user can stop leechers using mod_rewrite / .htaccess rules.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

Share this on (or read 3 comments/add one below):

3 comment

  1. Hello Vivek!

    Thank you very much for this entry.

    You could copy the script for autoban domains with excessive hotlinking?

  2. Thank you for this great piece of coding, however after hours of playing and testing I still can’t get something to work. Instead of rewriting in this example to hotlink.png, is there a way to rewrite to an html file? Yes I tried simply replacing the hotlink.png with hotlnk.html and it did not work.

    Sorry to bump an old post, but this is perfect for what I need.


  3. I think you mean leechers, lechers are another thing entirely. But good article, and I hope to detect and log hotlinks on my domains shortly…

    Have a question? Post it on our forum!