Common Sense and Image Lifting

I guess I should check my referrer logs more often. It seems that not only are some sites lifting some of the graphics from this site — but in unbelievably arrogant fashion — some are even linking directly to the images on my server!

What’s hilarious about this is that it is no accident. I could see if someone grabs my CSS file to tinker with it — even publicly. But I link to images with a relative path. Meaning someone has to go out of their way to add my images to their CSS.

It’s bad enough to steal someone’s graphics — but to steal them and the bandwidth it takes to serve them from the victim’s site is just plain ridiculous.


For the record and because I get asked now and then, I have no problems at all with people using any and all of the markup and/or CSS from this site. Take it, modify it, make it your own, experiment with it — this is how we all learn. But I draw the line on graphics. I can’t prevent it of course, but for god’s sakes if you’re gonna steal them, put them on your own server. Mmm ‘kay?

I’m certain I’m not the only one that’s run into this problem?

Update: It only took one comment to knock some sense into me. A simple .htaccess dropped into the /images/ directory prevents anyone from referencing your images from any other server but your own. I’ve just implemented this handy tip from Scriptygoddess and it appears to be working like a charm.


  1. Why not protect your images with a .htaccess? See eg.

  2. Jeroen – Surely, that is good thinking :-) this one looks like it just might do the trick. Thanks.

  3. I know the feeling! And it is a shame that there are so many designers and developers out there who doesnt know better than stealing! Must admit though Dan I have see so many close variants of your site style and layout! Asking for help is one and using ditto style and pattern another. Hope one day the web community will rise to a new level of consciousness.

  4. Brian says:

    If you want to get a little revenge on people swiping your images, try this trick from Jeremy Zawodny.

  5. Mark says:

    I downloaded your CSS file to see how you style pictures with borders so as to use the technique on my site. Got it working in two seconds flat. Hope that your solution works.

  6. Matt says:

    I’ll admit that my redesign was influenced a fair bit by your work (your article on A List Apart about column stretching was very good, but I wish we didn’t have to resort to *hacks*). However, a person should be able to effectively differentiate between two sites. What is the fun is completely ripping a site’s design? I know I’m preaching to the choir, but regardless..

  7. Ryan Brill says:

    I had a similar problem, though slightly different than yours, equally ironic. In my case, the person who stole my layout was posting questions on a forums that I hang out regularly, and guess what, I was the one answering him. :rolleyes:
    I didn’t realize what he was doing until one day I decided to take a look at his site, and it was nearly identical to mine…
    I’m with you, if these people are going to steal someone’s layout, why do they have to be so damned stupid about it?

  8. How timely. Well, Ethan’s case is different, but it’s the same general topic.
    At least one site that I know of has used my markup and CSS to design their site (not from my personal site, but from my Zen Garden entry). They changed every image and gave me credit, so I really didn’t mind it at all. If someone could learn from it, all the better.

  9. James Paden says:

    I’m sympathetic. I had it even worse actually. I’ve had lots of people duplicate the entire content of my site. I have about the top-ranked web design company on Google. People like to copy the whole thing in attempt to get the same rankings for their site. – run a Google search for a some of the unique phrases on my home page. (NOTE: a new and very cool css-based/tableless design coming soon)

  10. What happens (in regards to your .htaccess solution) with UA’s that don’t set a HTTP_REFERRER header. Granted these browsers are in a minority, but it could get worse. Browsers may even FEATURE this in future versions, as an added privacy measure.

  11. Sverrir says:

    Then I guess he’ll just have do change one .htaccess file :)

  12. Tom says:

    Just a word – when I first got to your site all your images weren’t showing up at all. I reloaded a couple times and couldn’t figure out what was going on. I shrugged and started reading (hey, your blog is usable without images!)
    Clicking on another section suddenly fixed the problem. Not sure if this is related to your .htaccess fix. Thought you might want to know.

  13. Matt says:

    That’s one problem with .htaccess…it seems to “bug” for some users, and they don’t end up loading images. Another site I read takes a more juvenile approach with image leeching, replacing images with something that no one wants to see. It backfires occasionally though, and the images on the homepage are replaced with the ones that you certainly wouldn’t want a visitor to your site to see.
    A better way to go might be to run a daily report that strips out external sites that are linking to your images, then adding them to a .htaccess blacklist of sorts. If you check the report once every few days or so, it shouldn’t be a huge problem.

  14. joel says:

    What happens (in regards to your .htaccess solution) with UA’s that don’t set a HTTP_REFERRER header. Granted these browsers are in a minority, but it could get worse. Browsers may even FEATURE this in future versions, as an added privacy measure.
    It may be that not many browsers offer HTTP_REFERER blocking, or if they do, that many people use it. However, other programs do this (Norton Firewall, e.g.) by default. I have run into a reasonable number of people complaining that an HTTP_REFERER-reliant script doesn’t work (for a site at my work) because (as we discovered) their firewall software was preventing that header from being sent. For the most part, these folks had no idea that they were using that feature of the firewall, or in some cases that they even had a firewall.
    Just a note — not necessarily a reason not to do this.

  15. Andy Budd says:

    We used to develop flash games at message and found that games sites were linking straight to them, stealing our bandwidth. We used .htaccess and Mod Rewrite to change the file we were serving to external site. The file we server up instead explained that the people were ripping off our game, and to let us know.
    On a similar note, I recently read of a blogger who decided to serve up x rated images to people linking to his images. The sites doing the linking didn’t know as they had the original images cached, but new visitors got served something altogether less savoury.

  16. Mike says:

    I took a lesson from Rob at Cockeyed and started uploading new images with the same filename, then changing the original filename and corresponding HTML. It’s especially fun when people are posting your images on a forum where they receive instant feedback of their new embarassing image. :)

  17. Ryan Brill says:

    I’d question serving up off-colored images to these sites. Perhaps some might think of it as a good way to get back at the developer (if you could call them that) who made the site, the sites visitors have done nothing wrong, and probably some of them will be under the age of 18.

  18. I’ve had a couple of occasions where some newbie/idiot decided to hotlink images off my site… best one was where some desktop wallpaper at 200kiB a piece were applied as a backgrounds for their blogs shifting a not inconsiderable 100MB of bandwidth that day.
    Though I had the last laugh when I decided to resolve it via the Lowtax/SomethingAwful method… :D

  19. james says:

    Yet another possibility for bandwidth theives, I serve up an image wich reads: Stealing is Wrong. You’re seeing this file instead of the one you hoped to see because somebody is trying to use it without permission. Come to *my site* to see the real deal.
    Not that pictures of baby shit aren’t as equally effective, but it never hurts to be informative.

  20. Chris Hester says:

    I had a wallpaper image on my site linked to directly for the background on another site! To prevent this I had to move all my images into one folder, then add the htaccess file. Other sites were linking to my images too, all from the same group of addresses (Chinese blogs). I emailed them to stop – no reply. Then I changed the image to give a warning. No change. I even split the wallpaper into separate strips. But in the end I had to block all images from being hotlinked as you can’t stop people abusing your bandwidth again. Hurrah for htaccess files!

  21. Jacob Arnold says:

    I tried the .htaccess method for a while, but it got to be a pain since occasionally I want to host an image for my own sig. But adding a robots.txt blocking Google’s image search seemed to help a lot.

  22. dw says:

    Oops. Terribly sorry, it was an accident. I was trying to pry apart how you handled the margins, so I borrowed the CSS and the HTML and the image. (I’m a visual thinker.) In the process of figuring all this out I failed to make the links local. So, you probably got some hits from me.
    I was running to the same problem as you described in ALA with divs not stretching all the way to the bottom of a page. Using the background image works perfectly. I rewrote my CSS and made my own background image for the site I was working on.
    So, thanks, sorry for eating your bandwidth unnecessarily.

  23. MICHELE says:

    Thanks so much for posting this. I have a problem right now with a Russian website that is using tutorials written for my website ( by me. He does give me credit, but he never asked permission and is linking to movies and images hosted off of my server. I honestly don’t think the guy understands English because I wrote him a while ago and he never responded. I really appreciate you sharing your knowledge!

  24. Gordon M says:

    All of this makes me sick, it really does. Web designers and artists are the only developers who don’t seem to be able to employ some sort of technology to protect their work.
    I think people sometimes think that because someone uses their site to teach others within a community that the tutorials extend to lifting the entire sites image branding too.
    My work is niche based, I design sites for models and photographers, and they ask me “Is there any way I can protect my hard work”, I am forced to say no every time.
    I agree that the people who do this are the creatively challenged, but for God sakes, they have no heart!

  25. ColdForged says:

    Same thing for me with the deep linking of images. I seriously thought about redirecting to something revolting, but instead chose to attempt to embarrass the linker. I have noticed a decrease in deep-linking since I instituted my redirect… it doesn’t hurt that few people want to have the words “I am incapable of reading!” in their forum signatures ;).