ASP.NET - Blocking External Referrers
I was ones faced with the issue of enforcing copyright on different files on a website.
That meant that images and dynamically created XML files had to be blocked if accessed from outside the website.
So, I had to find a way to prevent other websites from linking to or referencing these files. Copyright or not, it is a good idea to do it on dynamically created files such as charts, because they take a lot of computer power to generate.
That resulted in an HttpModule that stops all requests coming from outside the website to a custom list of files.
If your images are inserted into a <img> tag on another domain, they will be blocked.
The list can use wildcards so you can stop all files of a certain type as well. It could look like this *.gif|*.jpg|image.ashx.
Below are the two methods of the module that stops the illegal requests.
private void context_BeginRequest(object sender, EventArgs e)
HttpContext context = ((HttpApplication)sender).Context;
// Do nothing if the request is legal
// Accessed directly
if (context.Request.UrlReferrer == null)
// Linked to or embedded into another domain
if (context.Request.UrlReferrer.Host != context.Request.Url.Host)
private bool ReguestIsLegal(HttpContext context)
string mappings = ConfigurationManager.AppSettings["BlockMapping"];
string fileName = context.Request.PhysicalPath;
foreach (string map in mappings.Split('|'))
string cleaned = map.Replace("*", ".*").Replace(".", ".");
if (Regex.IsMatch(fileName, cleaned, RegexOptions.IgnoreCase))
The method RequestIsLegal uses regular expressions to determine if the requested file matches the mappings in the web.config.
Download the ExternalAccessModule.cs below and add put it in the App_Code folder. Then add the following lines to the web.config's
<add type="ExternalAccessModule" name="ExternalAccessModule"/>
And last, add the mappings to the AppSettings of the web.config. Modify it to match your own files.
<add key="BlockMapping" value="*.gif|*.jpg|image.ashx"/>
ExternalAccessModule.zip (,85 KB)
Add to Del.icio.us | Digg | Reddit | Furl
Looks like Twitter is not looking the other way as much these days. TechCrunch reports that there is some concern at the ...
Hulu Receives Good News Concerning Their Online Ad Format
Global Gaming Factory Buys Up Pirate Bay
|Pirate Bay Launches The Video Bay|
Reports Say Microsoft Could Be Selling Razorfish
Facebook Status Updates Going Public
|A Twitter Rant Gone Bad |
Important Bing Developer Leaves For eBay
Reasons Twitter Should Start Charging For Their Service