"It's not nice to hotlink without permission" warning

[samurman]

When I am looking at some forum pages that contain links to photos hosted at the Den's gallery, I sometimes get the infamour bear picture instead of the photos, which states "It's not nice to hotlink without permisson."

 

http://thefurden.com/images/thebear.jpg

 

I suppose the Fur Den gallery "thinks" that the Fur Den forum page is an external site linking to the gallery and stealing our bandwidth but clearly, that's not the case here. I have checked whether I was logged into the gallery or not, and when this happens, I am already logged into the gallery, cookies intact, so the gallery should not be treating my forum page request as foreign intrusion at all.

 

Do you know why this happens, and how can we prevent it from happening?

[White Fox]

I had not known that this is happening. I agree totally that it should not be but this is a problem that Worker and/or AKCoyote will have to look into. If this is not cleared up quickly, we need to totally disable the function and not use it anywhere.

 

Thanks for the tip

 

W

[Worker 11811]

The way it is SUPPOSED to work is that any request to the gallery which does not report its HTTP-Referrer as "thefurden.com" ends up in the "Bear Trap."

 

You are correct. It was done to prevent people from stealing our pictures and using them on on some other website without permission. Other people try to link to our pictures on their websites without permission and WE pay the bills. Creating the Bear Trap brought and end to that.

 

Check to see if your browser is reporting the HTTP-Referrer correctly. Other than that, we'll have to check and make sure things are set correctly.

[AKcoyote]

Samurman,

 

Thanks for alerting us to the situation.

 

Worker is correct that the "bear trap" is SUPPOSED to only catch links from outside thefurden.com domain. We will check the trap and see if we can refine the logic a bit, but if the HTTP-REFERRER is not being sent correctly from the browser, there is little we can do.

[Worker 11811]

BTW: I do not have access to the control room for the Fur Den's web server from my location. The next time I am in a place where I can log in I will try to see what our server is reporting as your HTTP-Referrer.

 

It might be a problem with the configuration of the program which operates the Bear Trap but it could also have something to do with the security settings of your web browser. I'll check the web logs. I'll report the findings to AK and he will check the settings of the server.

 

FYI: "HTTP-Referrer" is the last page your browser displayed BEFORE you went to the current page.

This is actually some very useful information. It lets webmasters know where their visitors are coming from. So, if we get a lot of people who come to the Fur Den by way of a Google search, we know that we should put some effort into making sure we are listed prominently on Google's search page. Simply put, we can use HTTP-Referrer to make our website better.

 

But HTTP-Referrer is a good way to keep people from stealing stuff off your website without permission. It is theoretically possible for some nefarious person to build a whole website using pictures from OUR gallery without even copying them to their own server. They just "hotlink" to our pictures. They get all the benefit. We do all the work. We pay all the bills.

 

That's what the Bear Trap is meant to prevent.

[AKcoyote]

The "Bear Trap" has been tweaked a bit. If anybody is still getting caught in the Trap while viewing a page on this website, please let either Worker or myself know via IM the URL of the page, and your IP address if possible.

[AKcoyote]

Worker and I finally tracked down and hopefully fixed the problem. It appears samurman was using a legitimate sub-domain of thefurden.com that I had forgotten to include in the config statements that control the "Bear Trap".