XF 1.5 Disabling Image Hotlinking

[Tman222]

Hi all,

Is there a way to disable image hotlinking in xenForo (i.e. so that images can only be uploaded and not linked to directly)? If not, to discourage image hotlinking, would I then be best off installing an add on that converts hotlinked images to uploaded images? Thanks in advance for your help.

 

[EQnoble]

Hi there

Have you tried these options yet (or does this not work for your situation)?

 

[Tman222]

Thanks for the reply, no I had not tried that. Could you explain how this would help with discouraging image hot linking though? The way I understand, it would still allow hot linking but the image would just be cached locally instead for a certain period of time. Also, could someone explain why it's important to use this when SSL is enabled - is it just to ensure that mixed content won't be served to visitors? Thanks again.

 

[EQnoble]

No that wont help with that (discouraging hotlinking) but as a built in method I figure it is prudent to mention it first.


The following addon will make all future posted hot linked images convert to attachments automatically...
https://xenforo.com/community/resources/convert-image.2521/

This one will convert all existing hot linked images in batches (like a retroactive cleanup)
https://xenforo.com/community/resources/convert-image-all.2527/

 

[TPerry]

It can be done at the HTTP server level. I had (no longer use it as I broke the two sites of that habit that were doing it) an image (not really nice, but not R or X rated) that when they hotlinked they got instead of the image they wanted.

In nginx it was as simple as code similar to this

 valid_referers none blocked ~.google. ~.bing. ~.yahoo. server_names ~($host);
  if ($invalid_referer) {
    rewrite (.*) /static/images/hotlink-denied.jpg redirect;
    # drop the 'redirect' flag for redirect without URL change (internal rewrite)
  }
location = /static/images/hotlink-denied.jpg { }

inserted as a stanza in the vhost definition.

There is a tool for htaccess hotlinking prevention at http://www.htaccesstools.com/hotlink-protection/

EDIT:
I misunderstood what you were asking for... this prevents others from hotlinking to YOUR images and "stealing" your bandwidth. You are wanting to prevent users from linking to images at other sites. That's going to require a different process.

 

[Mr Lucky]

If not, to discourage image hotlinking,

For a start, you could hide the button. It doesn't stop them using the bbcode of course, but it will discourage many people.

There's probably a better way, but this seems to work in extra.css

li.redactor_btn_container_image
{display:none}

This addon might be what you need:

https://xenforo.com/community/resources/bbcodes-buttons-manager.1731/