Keeping Your Images from Adorning Other Sites Page 3
This will let a request proceed if the
envariable is set (with any value whatsoever). Any and all other
requests will be denied because they don't meet the
conditions and the default is to deny access.
Putting all these pieces together, we end up with a stanza of directives that looks something like this:
SetEnvIfNoCase Referer "^http://my.apache.org/" local_ref=1 <FilesMatch ".(gif|jpg)"> Order Allow,Deny Allow from env=local_ref </FilesMatch>
These may all appear in your server-wide configuration files (e.g.,
httpd.conf), or you can put the
<FilesMatch>container in one or more
.htaccessfiles. The effect is the same: Within the scope of these directives, images can only be fetched if they were linked to from one of your pages.
I mentioned earlier that you can't fully prevent image theft. That's because of two things, which apply pretty much to the two different types of poaching respectively:
Someone who really wants your artwork can always
request it using a faked-up
Referervalue that happens to meet your criteria. In other words, by jiggering up the request so it looks like it's a reference from your site.
- If someone legitimately views your artwork by going through your pages, the image files are almost certainly in his client's cache somewhere. So he can pull it out of a cached valid request rather than making another one just to pick up the image.
Though it's essentially impossible to foil someone who's really desperate to snitch your artwork, the steps described in this article should make it too difficult for the casual poacher.
Another thing you can do, depending upon how protective you are of your art, is to watermark the images. Watermarking a digital image consists of encoding a special 'signature' into the graphic so that it can be detected later. Digital watermarking doesn't degrade the quality of the image, and can be done in such a way that even a cropped subsection of the image contains the mark, and it's detectable even if the image has been otherwise edited since the mark was inserted. It's even possible to detect a watermark in an image that was printed and then scanned in, having left the digital realm altogether! If you watermark your images, there's an excellent chance you'll be able to prove snitching if you ever find a suspicious image on another site somewhere.