Geek Answers Handbook

How to prevent image link back from your ASP.NET site?

What is the best / easiest way to prevent people from accessing images from my hosted ASP.NET website? I do not need to prevent hotlinking of all images / resources, I just want to disable Hotlinking for certain images / resources on the site. FYI. It is hosted on GoDaddy.com, so IIS tricks probably won't work.

+5
source share
4 answers

Streaming images through an ASPX page is a good solution. Although Referrer can be hacked.

What you can do is use a unique salt (keyword) and generate against MD5 (SHA-1 or SHA-2) if you are really interested in security. Also start the current era and against this, it also expires in the images. Save this "key code" in cookies. Whenever images are served, you basically pass this through a request. Validation is performed in ASPX at the other end. You can even restore a new “key code” between each request using either the HTTPRequestModule or the Global.asax page.

There will be overhead, but this will not allow anyone from hotlinking.

+3
source

The easiest way to do this is with UrlRewrite in IIS 7.0.

https://help.maximumasp.com/KB/a738/using-url-rewrite-to-prevent-image-hotlinking.aspx

<configuration>
<system.webServer>
    <rewrite>
        <rules>
            <rule name="PreventImageHotlinking" enabled="true" stopProcessing="true">


<match url=".*\.(gif|jpg|png)$" />
  <conditions>
                        <add input="{HTTP_REFERER}" negate="true" pattern="^$" />
                        <add input="{HTTP_REFERER}" negate="true" pattern="http://www.YourDomain.com/.*" />
  </conditions>
  <action type="Rewrite" url="/images/hotlinking.jpg" />
</rule>
            </rules>
        </rewrite>
    </system.webServer>
+8

, , HTTP-. . , ASP ( ).

+3

, , , , , css sprite, . . , , , , URL- - , .

+2
source

More articles:


All Articles