A while back Google rolled out a new version of Image Search which made a lot people, myself included, very, very unhappy. Essentially the new version takes the entire full resolution image from your website, using up your bandwidth, and serves it up for anyone to take without them having to so much as visit your website. Google calls this “improvement”. As a photographer, I call it theft.
Several solutions sprang up over the weeks that followed, and I settled on using a plugin for WordPress called Imaguard and while it did stop Google from having its way with my copyrighted property, it also created a huge load on my server. I also believe that it caused Google to simply de-index all the photos on my site, which is not what I wanted. There is another plugin available now, but I tried it and found it bloated and needlessly complex.
So I spent the better part of the day looking for another solution (Hey Google, I charge $60 bucks and hour, just sayin’) and gave up. Months later, I finally found one. This requires a little technical knowledge, but it’s not too bad. The beauty of this solution is that is can be adapted to work on any website, not just WordPress websites. It works just as the plugins do, by swapping out your full resolution for a watermarked one.
First you need to disable client side caching for your website. This is important or the solution will not work. If you are going to disable client side caching with a WordPress site though, make sure you have a server-side caching plugin installed. It’s very unfortunate that this is necessary, but unfortunately it is. You can thank Google for that.
To do it, you need to edit you .htaccess file and add the following:
# Disable client side caching of images to stop Google and Bing image theft Header unset Pragma FileETag None Header unset ETag <filesmatch ".(jpg|jpeg)$"=""> Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate" Header set Pragma "no-cache" Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
This will prevent browser-based caching of your images, which is critical for this technique to work. While you’re editing your .htacess file, also add the following lines:
# BEGIN Anti-Leech RewriteEngine on # Uncomment next line to allow blank referrers (not recommended) # RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourwebsite\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourwebsite\.com$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mailchimp\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mailchimp\.com$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?paypal\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?paypal\.com$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?craigslist\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?craigslist\.com$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?gravatar\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?gravatar\.com$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?wp\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?wp\.com$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?twitter\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?twitter\.com$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?pinterest\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?pinterest\.com$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?linkedin\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?linkedin\.com$ [NC] RewriteCond %{HTTP_USER_AGENT} !googlebot-image [NC] RewriteCond %{HTTP_USER_AGENT} !googlebot [NC] RewriteCond %{HTTP_USER_AGENT} !googlebot-news [NC] RewriteCond %{HTTP_USER_AGENT} !googlebot-video [NC] RewriteCond %{HTTP_USER_AGENT} !googlebot-mobile [NC] RewriteCond %{HTTP_USER_AGENT} !mediapartners-google [NC] RewriteCond %{HTTP_USER_AGENT} !mediapartners [NC] RewriteCond %{HTTP_USER_AGENT} !adsbot-google [NC] RewriteCond %{HTTP_USER_AGENT} !bingbot [NC] RewriteCond %{HTTP_USER_AGENT} !facebookexternalhit [NC] RewriteCond %{HTTP_USER_AGENT} !linkedinbot [NC] RewriteCond %{HTTP_USER_AGENT} !baiduspider [NC] RewriteCond %{HTTP_USER_AGENT} !duckduckbot [NC] RewriteCond %{HTTP_USER_AGENT} !yandex [NC] RewriteCond %{HTTP_USER_AGENT} !sogou [NC] RewriteCond %{HTTP_USER_AGENT} !twitterbot [NC] RewriteCond %{HTTP_USER_AGENT} !pinterest [NC] RewriteCond %{HTTP_USER_AGENT} !photon [NC] RewriteCond %{HTTP_USER_AGENT} !tineye [NC] RewriteCond %{HTTP_USER_AGENT} !ggpht [NC] RewriteRule (.*)wp-content/uploads/(.*\.(jpg|jpeg|gif|png))$ $1watermark.php?p=c&q=90&src=wp-content/uploads/$2 # END Anti-leech
The first block above is a list of websites that we DON’T want to block from seeing our real images. It is very important for you to list your own website here, as well as any other third-party sites that you use that need to access images on your server. You may also want to list certain social media sites here as well.
The second block is a list of user agents to allow. I highly suggest you copy this section exactly as it will make sure that search engines still see your normal images and therefore continue to index them. These rules also contain exceptions for Twitter, Facebook, Google+ and Pinterest, so that your image previews will still work when someone (or yourself) shares the page on one of those services.