Preventing Hotlinking
If you have gone to a lot of trouble creating an image or multimedia file, then you will want to protect it and control its use. While you may not like other people making a copy of your images and using them on their own site without any visible credits, there is one thing that really adds insult to injury...
When other site owners start stealing your files, there is nothing worse than having them pull the image files from your server; not only are they using your content, but you end up paying for it!
Server Solutions
Fortunately for those people hosting on an Apache server, there is a feature that can help prevent the practice of "hotlinking" in this way. The RewriteEngine is part of the Apache server; providing that a server running Apache has been configured to use it, it is possible to analyze all incoming requests and deal with them accordingly.
Of course, if you've ever tried to configure an Apache server you will know that there are a lot of options. Creating your own rewrite rules isn't easy for anyone unfamiliar with regular expressions, however the code to prevent hotlinking is readily available on the web (we have it here at the site).
Using Mod_rewrite is probably the most effective way of dealing with hotlinking as it runs on the server side and is totally transparent to the user. It also allows you to use files without having to worry about changing your file names and links regularly, and is probably faster and much less server intensive compared to a script doing the same job.
Script Solutions
While a server-based solution is ideal, it is not always possible. At times like this, you will need to rely on the less efficient script gateways that will do the filtering for you and deliver the file to the browser from a secret (but not always inaccessible) location on their server.
Be aware that the use of these gateway scripts can put a considerable load on the server for a site that protects every file or is moderately busy, so I recommend that you use them only to protect the files that are at high risk of being "leeched" from your server. It is also worth putting any files that you are protecting in this way out of reach from browsers or spiders, as if it is accessible via the web then it can be found and linked to directly.
The Old Fashioned Way
Perhaps the only way to keep the number of hotlinked images down is to make a habit of changing the names of the images that you are using on a fairly regular basis. It would be possible to write a script or program to do this for you, but unless hotlinking is a real problem that can not be dealt with more effectively in any other way then it could be a waste of time to develop one.
The main problem of changing the location of links and images is that it is time consuming. However, when you move your images you are breaking the links on the hotlinker's site, and if they want to fix it they will have to do some work (and research if they are still intent on hotlinking your images) to fix the problem.
Of course, if you have a persistant site owner that ignores all your requests to stop using your images then you might want to contact their host to let them know about the problem, they should deal with the issue fairly quickly if they are reputable. While you are at it, you might want to ask your host if they could implement a server solution to prevent it from happening in the future.
Problems from Preventing Hotlinking
While it is certainly tempting to take the steps necessary to stop other sites from leaching your bandwidth, there are some serious issues that can come about as a result. There is a single point of failure for all the server and scripting methods to prevent hotlinking I have come across, and that is they all rely on using the HTTP_REFERER environment variable to work.
The main problem is that people are becoming more and more cautious about the way that web sites use their information. Privacy has been in the spotlight since the first widely used spyware program was brought to the public's attention, and savvy computer users have been careful to watch what has been going out of their computers ever since.
If you do decide to implement any of these anti-leaching techniques on your site then you should be aware that you could be blocking otherwise legitimate requests. A surfer who chooses to munge their browsers HTTP_REFERER may have come from a valid page - but if they don't pass any recognised values to the server they will be stopped from viewing your images or downloading your files.
How you deal with these visitors that choose to withhold referral information is up to you, but seeing how more and more people are becoming more privacy aware you could be denying a growing percentage of surfers the ability to use your site to its full potential! Perhaps that is something you should be thinking about when deciding which files you should protect.