Please allow empty HTTP_REFERER (viewing images in the Gallery)

[Soran]

Please add
RewriteCond %{HTTP_REFERER} !^$
or
RewriteCond %{HTTP_REFERER} .
to your .htaccess file.


This is what almost all other sites do. I can tell it because there're very few sites where I can't see images.

If it's only a temporary configuration or an error you were going to fix anyway, please ignore the rest.


It's fair and reasonable to fight these who hotlink images hosted by Datorrents. But blocking access with not empty wrong referrer should be enough. Just think about what exactly you try to prevent:
A) A person who uses images hosted here to link on his blog site, in his public gallery, in his signature, etc.
B) A "cult", a sworn group, that uses images hosted here for whatever they want to do (frankly I've no idea what it can be).
C) A group that isn't even interested in the images, but just tries to damage DaT by using its bandwidth or making other people use its bandwidth.

Now, since the most people do have a valid referrer, you can nail the (A) case without blocking empty referrer. The most people would see the "sorry/hello thief" images and laugh at this silly person; he/she would just disappear in obscurity.

You can do very little about the cases (B) and (C) because it's very easy to fake the referrer. There's more than one Firefox addon that will let you do exactly this in matter of few seconds. Unless you're stuck with some anonymity or corporate service that kills your referrer (whether it's valid or faked) before it reaches its final destination.

Considering the recent witch hunts on fans of deviant art in many countries around the world, there'll be more and more people who have no choice but to use anonymous proxies and similar services. Unfortunately some of these services remove the header information (to protect you) whether you like it or not. Datorrents proudly allows even anonymous (not logged in) visitors to view all gallery sections. I hope you can allow people who are stuck with empty referrer (due privacy services "bundles", corporate/college policy, etc.) to view images the gallery too.

An example empty referrer-friendly hotlink block for .htaccess file:

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?datorrents\.com/ [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F]

Just in case someone wants to see what the Gallery looks like with empty referrer atm:

[ichigo]

Agreed, to a point.

Unfortunately, because of the way the sites are generated, with all static content being served by nginx, and not apache, modifying .htaccess would do absolutely nothing, because the structure is completely irrelevant in the point of handing off static content and a internal proxy to nginx. Right now, all pages are proxied through nginx, and all static content is delivered from a second web server (running nginx.) ALL requests handed off to apache for php functionality, and such, have the proper referrer in place automatically. Yet anything linking to the static content directly on img01 (the gallery's httpd), requires said referrer to be valid, AND in existence. (hence blank referrers are treated as invalid)

We're working on solutions to try to head things off at the pass though.

Mainly tweaking nginx's performance so that it stops completely ramping up apache. (the random downtimes are because of this), when there is a heavy load on the proxy, it spawns mass amounts of apache workers in an effort to keep up with the load (be it artificial or actual production work.) Each time it's being ramped up, the connection settings are being tweaked in a more conservative manner, rather than start small and work big, it's just big to start with.

As for the blank referrer, its actually a conditional at this point, if its not a request originating from any of the dat allowed domains, its simply not handled, regardless of origin or anything. I can definitely understand the frustration, and keep in mind, our stability and getting things to a working condition is the primary concern right now.