Block Referral Requests

Problem this snippet solves:

This iRule will scan referral requests for images and insert a canned image for requests not coming from a allowed host.

this iRule will replace hotlinked images with a custom image of your choice. you can also change it to completely drop the connection thus saving bandwidth.

The images Data Group should have the file extensions you want to check for hotlinks

How to use this snippet:

class images {
  ".gif"
  ".jpg"
  ".jpeg"
  ".bmp"
  ".png"
}

The allowed_referers Data Group should have the hostnames that are allowed to hotlink, your site hostname for instance.

class allowed_referers {
  "www.companya.com"
  "www.companyb.com"
  "www.companyc.com"
}

Code :

#
# To disallow empty referers, remove the ' and $refer_host ne "" ' check
#
# To drop the request without redirecting to a custom image, replace
# the HTTP::respond with 'reject'.

when HTTP_REQUEST {
   set refer_host [string tolower [URI::host [HTTP::header Referer]]]
   if { ( [matchclass [HTTP::path] ends_with images] ) and 
        ( $refer_host ne "" ) and 
        ( not [matchclass $refer_host contains allowed_referers] ) } {
      log local0.NOTICE "[IP::client_addr]:[TCP::client_port]: hotlink detected from Referer: $refer_host for [HTTP::host][HTTP::uri]"
      HTTP::respond 302 "Location" "http://[HTTP::host]/hotlink.gif" Cache-Control No-Cache Pragma No-Cache
   }
}