Click here to Skip to main content
Click here to Skip to main content

How to Prevent the Resource Leech from a Website

By , 9 Mar 2012
Rate this:
Please Sign up or sign in to vote.

Introduction

This small tip is to demonstrate one way of preventing the resource leech from our website.

Background

For those who got confused by the term resource leech, let me first define what a resource leech is. I had a website that contain a lot of images and PDF file which are quite useful for the users. So some guys running simple blog pages thought it would be a good idea to have their blogs providing those resources(so that they could get more visitors and make more pennies). They wrote some small 4 line text for each resource and provided the image and PDF links from my site directly. 

Now, One thing is that the content is actually hosted on my site and users are getting them without even knowing that. But the major problem in bandwidth usage. Why would I want to spend my bandwidth for serving the images/pdfs to some other websites.

Using the code

I thought about the problem and decided to write simple code  to prevent this problem. The solution is not very secure as the advance users can still get their way around by modifying the HTTP header of their request but that is not what most guys will do.

What we can do is to simply

  1. Handle the Application_BeginRequest method in the global handler.
  2. Find the HOST servers URL i.e. My servers URL
  3. Find the requesting servers URL.
  4. Check if the requesting server belongs to my domain or not.
  5. If the requesting server does not belong to my domain. I will end the request without serving.
   void Application_BeginRequest(object sender, EventArgs e)
   {
        //lets get the application object to use
        HttpApplication application_ = (HttpApplication)sender;
        HttpRequest request = application_.Context.Request;

        //Lets find out the the Hostname of my server
        string myServer = request.ServerVariables["HTTP_HOST"];

        //Lets find out the URL of the referrring site.
        string referingServer = request.ServerVariables["HTTP_REFERER"];

        //If this is null that would mean we ourself are requesting the resource.
        if (referingServer != null)
        {
            if (referingServer.StartsWith("http://" + myServer) ||
                referingServer.StartsWith("https://" + myServer))
            {
                //its ok to pass the resources, It is for our own host
            }
            else
            {
                //Stop the bugger from using the resources
                application_.CompleteRequest();
            }
        }
    } 

Perhaps calling the CompleteRequest is not an elegant solution but it worked fine for me.

Points of Interest

As I said, this approach rely on the HTTP header information so advance users can get around by modifying the HTTP header information. Perhaps, the ideal way to solve this problem is to have HTTPHandlers to each resource type i.e .jpg, .pdf and prevent leeching.

History

09 March 2012: First version.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Rahul Rajat Singh
Software Developer (Senior)
India India
I Started my Programming career with C++. Later got a chance to develop Windows Form applications using C#. Currently using C#, ASP.NET & ASP.NET MVC to create Information Systems, e-commerce/e-governance Portals and Data driven websites.

My interests involves Programming, Website development and Learning/Teaching subjects related to Computer Science/Information Systems. IMO, C# is the best programming language and I love working with C# and other Microsoft Technologies.
Follow on   Twitter   Google+   LinkedIn

Comments and Discussions

 
GeneralMy vote of 5 PinmemberShai Aharoni29-Dec-12 22:45 
AnswerArticle of the Day on Microsoft's site PinmemberRahul Rajat Singh29-Dec-12 19:46 
This article has been selected as Article of the Day on Microsoft's site http://www.asp.net/community[^] on 30 December 2012.
 
Rahul Rajat Singh
30 December 2012.

Twenty years from now you will be more disappointed by the things that you didn't do than by the ones you did do. So throw off the bowlines. Sail away from the safe harbor. Catch the trade winds in your sails. Explore, Dream. Discover.

QuestionReferrer is not always sent Pinmembercrashedapp9-Mar-12 8:12 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web04 | 2.8.140415.2 | Last Updated 9 Mar 2012
Article Copyright 2012 by Rahul Rajat Singh
Everything else Copyright © CodeProject, 1999-2014
Terms of Use
Layout: fixed | fluid