News; Technology; Opinions; Destroying Safe Spaces, and your Mom!

PicRights - Defend yourself against these copyright trolling cunts

If you only are a social media faring idiot, going off about how Trump is ’not your president' this article isn’t for you.  In fact this website isn’t for you. Fuck off.

But for those of you who blog, you probably find yourself looking on the internet for content.. you’re thinking; ‘Hey.. I can search Google for an image of Steve Jobs to talk about the iPhone!'

You would be wrong… Kind of.

If you run a website that could possibly generate ANY kind of income you have to own a license for the photo. Period. Otherwise you are profiting from the works of others. Period

However, that doesn’t mean you should put up with abuse and harressment from copyright rolls either. PicRights is a lovely example of such cunts.

picrights are-cunts

What PicRights does is simple: They have automated scanners that scan websites looking for images on them. Colloqually speaking they are referred to as ‘bots’. They run those images against recognition systems that match what you have on your website against images that they ostencibly can enforce copyright on. That doesn’t mean that they creators of the images will get anything, that just means they claim a legal right to harrass you over them. Their scam is simple enought.

You will receive a letter that looks like a typical mass mailing.. from a DTP (Desktop Publishers) with a P.O. Box Address in New York, but the postage will be paid out of Wichita KS.

If you happen to open that mailing panic will immediately ensue as you will set a claim that you have made “Unlicensed Use of Imagery” and you will be asked to pay anywhere from 500-1000 dollars. You will want to, of course, ‘make everything right’ and you’ll follow the links in the letter, pull out your credit card and pay the fees.

That’s when the real shitshow starts. Because after that PicRights will send their international affiliates after you and you’ll really get fucked. All over a photo that probably costs in most cases about 50 bucks to license off of Adobe Stock Photos.

Fuck these fucking cunts.  Fortunately there are a couple of things you can do to protect your website against these types of trolls.

Protect yourself!

First.. Free Ferris are not lawyers.. but we do know bullshit when we see it.  Ferris has found a strategy that can mitigate PicRights accessing websites.. and using their crawlers on them. However I have to warn people here.. it's technical in nature. If this is something you are not comfortable with configuring you should work with your WordPress or blog hosting company.

From learning about this I learned how PicRights got access to my website and more importantly why - even when I had this configured - it wasn't initially working.

Most Wordpress and hosted sites on the internet use two underlying technologies:

  • The Apache Web Server

  • PHP (the 'core' language that WordPress is built in)

The first one of these is what we need to talk about here in the context of web crawlers.. Web crawlers run HTTP requests to pull down the source of your web page. From there they scan the source code (HTML) of the page and look for specific information to collect and review. The PicRights web crawler uses a bot that searches for a specific set of tag types (IMG tags and related references and links to images and their file types like jpg, png, and so on). PicRights then compares those to its own image database to look for any images that they have registered as copyrighted. This is where web crawlers are different from web browsers.

A web browser asks a website 'Hey I'm staring to view this page to someone, please send me this image on the page so I can display it' using information that gets sent in a header in the context of the request. Apache can tell the difference between this and say, directly entering the URL for an image.

A web crawler doesn't work like that - it asks Apache "Give me this URL". And Apache sees that as a direct access to the file, not as part of the context of loading a page (referrted to in HTTP terms as a 'referrer'.

The solve involves configuring the webserver to block those direct requests. There are a couple of ways this can be done.

  • You can go into the configuration system for your website (usually godaddy and other providers refer to this as "CPanel") and enable "Hotlink Protection" which will do the modification to your web server configuration for you.

  • You can make the following changes in your webserver configuration file (called .htaccess) to block it. You swap out 'localhost' for your domain name:


RewriteEngine on 
RewriteCond %{HTTP_REFERER} !^http://(www\.)?localhost [NC] 
RewriteCond %{HTTP_REFERER} !^http://(www\.)?localhost.*$ [NC] 
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]

What will happen in that case? The crawler will get a HTTP 403 error.. as shown in the logs for one of my websites...


77.88.5.148 - - [09/Nov/2020:08:49:17 +0000] "GET /wp-content/uploads/2008/02/safari-screen-snapz-001.jpg?w=640 HTTP/1.1" 403 698 "-" "Mozilla/5.0 (compatible; YandexImages/3.0; +http://yandex.com/bots)"

Yandex Images was blocked from looking at this file. As were several other bots from Bing, Google and others.

Please note that this can still NOT work for you as I found out when I first tested this. Here's why:

Hosting companies and for web sites and blogs will often use a Content Distribution Network or CDN like Akamai or Cloudflare to mitigate load on your blog sites. This works by caching 'static assets' (such as images and style sheets) on servers around the globe that are physically closer to potential visitors. This has the benefit of making your web site appear faster. This has the conseqence of *also* allowing direct access to the static assets that you try to block. Because CDNs *do not obey the rules that web servers configure*. That means that web crawler will not see the 403 error and the blocking of that image.

- Disable CDN for your website (if your host will allow it)
- Move to a different host that allows you to configure this if they do not allow this.

Hopefully this will help those of you reading this to protect yourself from image crawlers.

For more information on hotlink protection and manually configuring it you can read one of the sources I referrred to on this.

https://stackoverflow.com/questions/10236717/how-to-prevent-a-file-from-direct-url-access

And if you’re from PicRights or Higbee and Associates.. you can both eat a fat fucking dick.

fuckpicrights

All works (c) Free Ferris and freeferris.com - steal the shit off of this sight and.. well.. that’ll be awesome!