Problem Overview

The problems caused by "hotlinking" are well known: excessive bandwidth consumption & resultant costs, violation of copyrighted material, and a lack of control in managing the browsing experience of visitors. A synonym for this problem, "deeplinking", is often used to describe the undesirable effects of serving up a hotlinked resource for which the content owner gains no benefit (i.e. no advertisements displayed, no "eyes" on the intended page).

Weaknesses of Existing Solutions

The most common remedy for preventing hotlinking usually relies on a check of the HTTP Referer request header. The Refering domain value is compared against the serving domain or a list of trusted domains. In the Apache world, this is commonly done with setenvif and mod_rewrite rules in .htaccess files or Apache config files. Similar Referer-checking approaches are often done with scripts (e.g. cgi, php). Unfortunately, the Referer header is -not- a reliable request header, is easily spoofed, and does not address URL copying or direct type-ins.

Other approaches to stopping hotlinking rely on cookies or javascript events, client-side techniques that are easily circumvented or disabled. The same can be said for periodic shuffling or randomized renaming of content directories or files; hotlinking bots and spiders can easily and quickly crawl a site tree to work out the new linking structure. Still other competitive scripts, modules, or *SAPI filters that attempt to stop hotlinking often have serious drawbacks: excessive CPU/memory consumption or incompatibility with load-balanced clusters. This last point is an especially serious weakness as many high-throughput and high-bandwidth sites (e.g. tgp, mgp) require scalability and clusterability.

What is LinkSentinel?

LinkSentinel is a completely novel approach to hotlink defense that is superior to any of the common techniques tried to date. Designed from the ground up, LinkSentinel is not susceptible to the aforementioned problems of existing solutions. Please read more to learn about the LinkSentinel solution.

Company  |  Privacy  |  Legal  |  Contact
Copyright © 2001-2016 Proxigence