I will develop a site using Google Application Engine. My public site consists of 1000's of images. I wish to store these pictures within the Cloud: Google Storage or Amazon . com S3 or Google Application Engine BlobStore. The issue is image hotlinking.

  1. For Google Storage, I researched and that i cant try to prevent image hotlinking. (I love its command line tool gsutil greatly though)

  2. Amazon . com S3 has "Query String Authentication" which creates expiring image web addresses. But this is harmful to Search engine optimization, is not it? Constantly altering the URL might have quite negative affects because it takes up to annually to obtain a picture, and it is related URL, into Google Images. I'm rather sure altering this URL might have an instantaneous negative affect when GoogleBot appears to express hi. (UPDATE: An easy method to preven image hotlinking in Amazon . com S3 by referrer is applying Bucket Policy. Particulars here: http://world wide web.naveen.info/2011/03/25/amazon . com-s3-hotlink-prevention-with-bucket-guidelines/)

  3. Google Application Engine BlobStore? I must upload the pictures via Web Connects by hand and it creates altering web addresses too. (update: Because of my lack of knowledge about Blobstore, I simply designed a mistake. By utilizing Google Application Engine BlobStore, you should use whatever hyperlink to serve the look you would like.)

Things I require is simple referrer protection: Only show the look once the referrer is my website.

Exist some possible ways to avoid image hotlinking. I shouldn't file personal bankruptcy because of the very very high cost cloud bandwidth.


Still difficult to select from the 3, all of them have benefits and drawbacks. BlobStore appears to become the best choice.

The simplest option is to make use of the blobstore. You are able to provide whatever upload interface you would like - the choice is yours to create it - and also the blobstore does not constrain your download Web addresses, only your upload ones. You are able to serve blobstore images under any URL by simply setting the right headers, or use get_serving_url to make use of the built-in fast image serving support, which creates cryptic but consistent Web addresses (but does not allow you to do referer inspections).

I recommend giving some consideration as to whether this can be a real, practical problem you are facing, though. The bandwidth consumed with a couple of hotlinked images is fairly minimal by present day standards, and it is not really a particularly common practice to begin with. As @sharth highlights within the comments, it's prone to impact Search engine optimization too, since image search has a tendency to show images in their own individual home windows additionally to connecting towards the page that located them.

Simpler version of geek's essay, develop a handler in the search engines application engine to fetch and server the pictures. You are able to modify your headers to specify png or whatever, but you are coming back the look from another location. After that you can examine your request referrer information within the handler and take appropriate action if somebody is attempting to gain access to that image "hotlinked". Obviously, because you are never subjecting the particular image, it might be impossible to hotlink. =)