Detecting hotlinking/referrals to a specific file?

[eccod]

Hi all,
There is a file on my site that is definitely getting hotlinked to, and I'd really like to put a stop to it.
I'd like to find out who's doing it before I make it impossible with an htaccess file.

There is no doubt in my mind that the traffic is not coming from my users.
In November, the file in question got over 900 hits, while the rest of the files in the same section only got around 100 each.
I didn't even get 900 visits in November.

I made a little experiment to make sure it wasn't from my site.
At the beginning of December I changed the name of the file and the link to it, and put a dummy file in its place.
There isn't a link to the file from my site, but I've gotten 200 hits to it in the first week of the month.

Is there a way to see referrals to a specific file?
My hosting company uses Webalizer, and it does not show referrals to individual files.
There isn't anything out of the ordinary in my normal referral logs.

I have no problem with people sending visitors to my site to get the file, but linking to the file directly is not good.
It steals my bandwidth, robs me of visitors, and lets the other site get the credit for having the file (a rare Evanescence recording).

If anyone has any ideas, let me know.
Thanks!

[Cyberlore]

Quickest fix is to search for an anti-leech script. You should be able to find one in whatever flavor of code you prefer (php/cgi/asp/etc) without much problem.

[Nosnam2]

Does your host give you SSH?

[eccod]

Quote:

Originally Posted by Nosnam2

Does your host give you SSH?

If you mean secure shell, I don't think so...

My father wrote me a custom cgi script that logs all referrals to every file in a directory, that should do the trick for me.
I haven't noticed any referrals to that file yet, they must have taken down the link after I messed up the audio file.

[James T]

Have a script in your machine that changes the name of the file being hot-linked daily and changes the page you have that refers to it at the same time. Then you make them work to fix their page rather than you having to work to fix their theft of bandwidth.

Edit: solution to match the scripting your web-host provides of course.

[eccod]

My host allows me to run arbitrary perl code, so I can pretty much do whatever I want...

All I would have to do to stop the problem is change the .htaccess file, but I'm trying to figure out who's doing it (mostly just for fun).

[James T]

Good, use perl to do it then. Remember that the offending party has changed their web page to point to you and it is then joe public who connects to you, this will be many different IP addresses and impractical to block. You can perhaps log the http-referrer value and send an image that contains the text 'unapproved hot-link, please visit http://yoursite/ for legitimate link' for anything from that referrer. I can't remember the exact code required for perl to do this but the referrer property is a standard one sometimes passed from the users web browser.

Edit: or only allow it to work when your own site is the referrer.

[eccod]

I can set the .htaccess file to only allow referrals that come from my domain, I think.

The perl script my dad wrote me (I'm not good in perl) is pretty cool.
There's an entry in the .htaccess file that redirects every request to a file in that directory to the cgi file.
The cgi file then logs the referral, and if it's not from my domain (or if it's a direct request), it delivers a different file.
I think that's pretty much what you're describing.

[James T]

Exactly, you can have some fun with alternate files .

[eccod]

I'm thinking goatse and/or tubgirl...
Is that wrong?

Too bad there's no way to stop the other thing I'm concerned about - people taking my images and using them as their own.
Since my site is a desktop wallpaper site, I really can't do anything to stop them from downloading the images (and still let people use the wallpapers).
I could put a big nasty stamp on all of them, but that's really not something I want to do.