Lighttpd mod_rewrite Hotlink Protection To Display Image Message

last updated in Categories Apache, lighttpd, Linux, Networking, RedHat/Fedora Linux, Security, Tuning, UNIX

Many of our regular readers like to know more about lighttpd hotlink protection using mod_rewrite. Lighttpd can use HTTP referrer to detect hotlink and can be configured to partially protect hosted media from inline linking, usually by not serving the media or by serving a different file.

Lighttpd anti hotlinking configuration – redirect to another media

Open lighttpd.conf configuration file:
# vi /etc/lighttpd/lighttpd.conf
Append the following directive to redirect to a default picture called /hotlink.png:

$HTTP["referer"] =~ ".*BADDOMAIN\.com.*|.*IMAGESUCKERDOMAIN\.com.*|.*blogspot\.com.*" {
  url.rewrite = ("(?i)(/.*\.(jpe?g|png))$" => "/hotlink.png" )

So if anyone from * linked it will be replaced with I’ve written small script to detect excessive hotlink from log file and ban all those domains. Most types of electronic media can be redirected this way, including video files, music files, and animations etc.

Related: Apache web server user can stop leechers using mod_rewrite / .htaccess rules.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

3 comment

  1. Hello Vivek!

    Thank you very much for this entry.

    You could copy the script for autoban domains with excessive hotlinking?

  2. Thank you for this great piece of coding, however after hours of playing and testing I still can’t get something to work. Instead of rewriting in this example to hotlink.png, is there a way to rewrite to an html file? Yes I tried simply replacing the hotlink.png with hotlnk.html and it did not work.

    Sorry to bump an old post, but this is perfect for what I need.


  3. I think you mean leechers, lechers are another thing entirely. But good article, and I hope to detect and log hotlinks on my domains shortly…

    Have a question? Post it on our forum!