Is there a way to stop hotlinking? I have a client who has a blog. They have post pics of tattoos. Now there are at least 50 tattoo forums, blogs and other sites hotling to the pics. Now his bandwidth usage has skyrocketed. So enable hotlink protection in his cPanel. Just did a redirect to my main hosting site with a nice please stop hotlink image. Now I see all this in my logs. So I then made a 150 x 9000 clear BG gf with the text at the top please stop hotlinking.
My questions is there any way to stop it. If not should I just make a 1x1 clear gif to redirect to? Also is there a way to not have this traffic show in my log files?
I've tried a couple of different apps and solutions re hotlinking and IIS w/out finding a real winner. Hoping folks may have some recommendations re apps and/or solutions for dealing w/ hotlinking and IIS 6.
I have found some spammer hotlinking to my images to get his site crawled, I have modified the .htaccess to attempt and serve his hotlinking domain with a warning but it does not work...
My actual .htaccess file is the one below (it was created by wordpress automatically):
# BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule>
I dont kmow too much what I am doing, following the tutorial here, http://altlab.com/htaccess_tutorial.html but the problem is that my .htacces already contains something created by wordpress that to me looks like garbage as I don't understand the meaning.
I dont know if I should add the lines inside the <IfModule mod_write.c> or outside them as I have done.
I dont know if it is ok to have two times Rewrite Engine On
PS: When I added the lines I describe above, my site also stopped displaying the images, I had stopped everyone including myself from hotlinking them. I only want to stop certain domain. or even better, my ideal solution is to WHITELIST my domain names (I have two using hotlinkg to those images), but I will settle for blacklist if it is easier.
I am looking for a content delivery network that will only serve files to a list of allowed hosts. This is such a basic "doh" feature, but nobody seems to have it (Mosso CloudFiles doesn't have it, and even Amazon S3 has no easy-to-use hotlink protection). Has anyone found such a CDN?
I'm facing some issues with hotlinking here. the htaccess do not work because users can still use their download manager to download the file without going to my site.
I've seen few sites that got tempoary url that changes every X times and that support download manager.
I moved my website from one server to another just today and my site has a rank on another website. The ranking site lets me display my rank on my website through a hotlink to their site. When I moved my site to the new server, I can't see the image. On the old server, I could always see the image.
This is a strange issue since in Firefox, I see the image load and then it tells me the image is empty. But when I open the image's URL, I can see it just fine. I've reloaded the page over and over again, but I don't get anything. The same applies to IE.
What's even more strange is when I use a proxy, I can see the image just fine through my browser.
I am a graphic designer/photographer who creates designs for music artists, producers etc. on Myspace (I know, I know). This obviously involves lots of hotlinking, and that is why I am here.
I provide customers with hosting for their layouts so that they don't have to go out and search for one. I am currently hosting the images on a friends private server, but it's fairly slow and I want something more reliable. One layout usually has around 20 different images (background, headers, banners, etc) and I try to make sure it comes out to a little under 1MB, so I don't need to worry that much about disk space. I'd say bandwidth might be the only issue if anything.
I enjoy the work but it's mostly a side business and doesn't create much revenue, so I'm trying to go for around or under $10 a month. That said, I also want to make sure things are fast enough for the visitors and am willing to up the budget if required. I was going to go with 1and1 or Hostgator but heard alot about overselling.
The images I am trying to block are on page generated by a simple PHP script on my server. The offender has replicated what I am doing with ASP on their server. They are hotlinking to my images for the resulting page. They left my website's name on them, so they must think that giving credit is enough.
I'm going to be contacting them to stop but I also want to see if there is a way for me to prevent it from happening in the first place.
I know mod_rewrite works on my server because I've been using it for some other things.
However, whenever I enable the above code (add it to the directives and restart apache - have also tried just putting it in a .htaccess file in the appropriate directory), I end up with images still being allowed on my domain and the other domain I'm trying to stop from using my images. Do you think it could have to do with an absent referrer? I read that the code doesn't work if the referrer is blank. What else would cause this not to work? Obviously the domain would have to be correct, but it doesn't block from my domain OR the offending domain.
I tried another method:
Code: <FilesMatch ".(gif¦jpg¦png)$"> SetEnvIfNoCase Referer ^$ allow_image SetEnvIfNoCase Referer ^[url] allow_image Order Deny,Allow Deny from all Allow from env=allow_image </FilesMatch>
This one blocked images to the offending domain, but it also blocked mine!
I have came across site in my statistics that apperantly runs with about 99% of my content flash files. He put adsense all around them, too - sneaky.
I know it is possible to disable hotlinking from other sites using htaccess, but is it possible to disable hotlinking for ONE site? I need to block .swf that come from example.com domain.
im currently looking for a mod that can cloak the real url adress to prevent hotlinking and havetempoary links which expires after x min and a new linkupdates
my DNS stop resolving, once a day i need to restart the service in cpanel/whm , what can be done to prevent that ?
its a fresh vps only cpanel is there and 2 domains with no pages just a simple under costruction index page . in CSF i have a Your Score: 106/112 in security , it firewalled and hardened
right now is using 299 of ram out of 512 burstable to 768
I was wondering if anyone has any methods to stop spammers? Currently i am keeping watch on the mail queue and making sure nothing unsual. I have in WHM configuration setup to not allow more 200 mail messages per account per hour but for some reason it will hit thousands. WHMCS does seem to suspend them automatically or maybe its because of WHM BUT only when its too late.
Have a persistent spammer who kept emailing my clients, even non existent domain accounts and getting the bounced emails to be send to a particular yahoo address. I tried to block in all ways but can't seem to stop him. His spams are from all over the world. Any suggestions?
By mistake instead of using gunzip file name on my friend's vps, I had used gunzip -c filename
and its taking hell a lot of time to unzip it, I have no clue on how to stop this and I am scared if I close ssh client, it might be still adding load to the server ..
I am unzipping an 4.5mb file, which on un-compression must be around 14.5mb ..
for the past 10 mins its still unzipping and not sure how long it will go on.. unless I stop it..
a site i manage for a client is being hacked every couple of days, its not the actual site but the hosts server thats getting attacked, all sites on that server, well actually all thier servers.
They have made no attempt to sort this problem, i report it they look at the site and say "site loads fine for us" which it does.
All index files are having a base64 encode line written after the <body> tag, this adds hundreds of spam links which are hidden with display:none; they also add .html to application types in htaccess for php to run in these files too.
Problem is, i am moving the site to another host but cannot change the nameservers to the new host's untill the client returns from a holiday, so i must keep the site up on the insecure host for now.
I am removing the spam code almost daily, is there anyway i can stop this attack happening for the time being, the host does nothing.
I have received quite a few emails from senders claiming to be the recipients [in this case one of my email accounts]. I did not send these emails. This is happening with almost every email account I have setup on one of my domains.
I know this is probably an easy fix-- I am simply unsure of what it is.
I noted that someone else recently posted a similar question-- with only one response. I wanted to see if another post my garner another response.
i've a vps with iptables, but i've too much traffic (RX), there are too many packets received from random ports on both upt and tcp. Today in just 14 hours i've 2.8 gib of traffic, without any connection for web, email, etc (i've stopped all the services). How can i stop this? it's going to burn all my monthly traffic
to stop supporting php.ini files in clients account because they can turn off safe mode or any fucntions and options and they can hack server! how i can stop supporting this files
I have a massive spam problem on my server, which I cannot seem to find a cure for. Here is an example of the headers from an example email (from WHM) that is stuck in the mail queue:
Quote:
1HiU0X-0006Y3-O6-Hmailnull 47 12<>1177932329 0-ident mailnull-received_protocol local-body_linecount 78-allow_unqualified_recipient-allow_unqualified_sender-frozen 1177932333-localerrorXX1vrroark@freemail.ru144P Received: from mailnull by host.zaggs.com with local (Exim 4.63)id 1HiU0X-0006Y3-O6for vrroark@freemail.ru; Mon, 30 Apr 2007 12:25:06 +0100045 X-Failed-Recipients: download@host.zaggs.com029 Auto-Submitted: auto-replied058F From: Mail Delivery System <Mailer-Daemon@host.zaggs.com>024T To: vrroark@freemail.ru059 Subject: Mail delivery failed: returning message to sender047I Message-Id: <E1HiU0X-0006Y3-O6@host.zaggs.com>038 Date: Mon, 30 Apr 2007 12:25:06 +01001HiU0X-0006Y3-O6-DThis message was created automatically by mail delivery software.A message that you sent could not be delivered to one or more of itsrecipients. This is a permanent error. The following address(es) failed: download@host.zaggs.com (generated from abraham@keysupplier.com) retry timeout exceeded------ This is a copy of the message, including all the headers. ------Return-path: <vrroark@freemail.ru>Received: from [220.157.245.77] (port=3648 helo=localhost.localdomain)by host.zaggs.com with smtp (Exim 4.63)(envelope-from <vrroark@freemail.ru>)id 1HiU0X-0006Xu-7rfor abraham@keysupplier.com; Mon, 30 Apr 2007 12:25:06 +0100Message-ID: <10fb01c78b19$683b6042$8bc8505a@freemail.ru>From: Noticeable <vrroark@freemail.ru>To: abraham@keysupplier.comSubject: I am 79 years young!Date: Mon, 30 Apr 2007 14:19:48 +0300MIME-Version: 1.0Content-Type: multipart/alternative; boundary="----=_NextPart_000_0000_9E7D5C31.01A57A34"X-Priority: 3X-MSMail-Priority: NormalX-Mailer: Microsoft Outlook Express V6.00.2900.2180X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180This is a multi-part message in MIME format.------=_NextPart_000_0000_9E7D5C31.01A57A34Content-Type: text/plain; charset="iso-8859-1"Content-Transfer-Encoding: 7bit A few words about HGH LifeI have been taking HGH Life for five weeks and there is a noticeable improvementin me overall. Waking up without muscular pain is the most obvious! WhenI run out, I shall be ordering as much as my pension will allow. I am inEngland and am 79 years young!Order HGH Life online ------=_NextPart_000_0000_9E7D5C31.01A57A34Content-Type: text/html; charset="iso-8859-1"Content-Transfer-Encoding: quoted-printable<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><META http-equiv=3DContent-Type content=3D"text/html; =charset=3Diso-8859-1"><META content=3D"MSHTML 6.00.2900.2912" name=3D"GENERATOR"></HEAD><BODY text=3D#000000 bgColor=3D#ffffff><font size=3D"3" face=3D"Times New Roman"><p align=3D"center"><font =face=3D"Arial" color=3D"#009900" size=3D"5"><strong>A few =words about HGH Life™</strong></font></p><p align=3D"center"><font face=3D"Arial">I have been taking HGH =Life™ <strong>for five weeks </strong>and there is a noticeable =improvement in me overall. Waking up without muscular pain is the most =obvious! When I run out, I shall be ordering as much as my pension will =allow. I am in England and am <strong>79 years =young</strong>!"</font></p><p align=3D"center"><a href=3D"http://worldwdefull.com"><strong><font =face=3D"Arial" color=3D"#ff6600" size=3D"4">Order HGH Life™ =online</font></strong></a></p></font></BODY></HTML>------=_NextPart_000_0000_9E7D5C31.01A57A34--
I can confirm that the person who is doing this IS NOT using the 'nobody' user because I am keeping a spam_log for that.
How else is a user able to use our server for spam? Please help as I would like to get this sorted ASAP.
I have my own server which I use for my own websites.
I use the following features of WHM -
Creating accounts Deleting accounts Creating "packages" for my accounts Restarting services ...and possibly one or two other items once or twice a year.
I use the following features in Cpanel -
Checking statistics Adding e-mail accounts ...and possibly one or two other items once or twice a year.
I'd like to break the (small) WHM/Cpanel habit I have and do all of the above via the command line.
One of the servers have 1 account on, but seems like its extremely attacked. I cannot SSH and many packet loss. so I asked softlayer and they access it and said its a SYN Flood as from the /var/log/messages (I cannot see it as the server is not accessable) they put the main public ip under Cisco guard but still didn't help. when I asked for any solution, unfortunaly I were told there isn't and have to wait the attackers to stop as it comes from MANY addresses that iptables even won't help.
Isn't there any solution (software-hardware) to stop that ?
