Bandwidth Stealing
by Richard Berends, Webmaster
The Maestro Awards of Excellence
1 April 2001
Bandwidth stealing is a serious problem, but many webmasters are not aware of this. Some don't even know what it is! This article defines bandwidth stealing and explains how it affects you. After reading this article, you will know why you shouldn't do it, how to avoid doing it, how to detect it, and how to deal with the offenders.
Owners of award programs are in a unique position to combat this problem. We are frequently visiting sites, and there are measures we can take when we come across one that is stealing bandwidth. Learn and apply these measures. By working together, we can all help to overcome the problem.
What Is Bandwidth?
When you surf the Internet or download a file, you are using bandwidth. Every time you click on a link to a Web page, your server sends a message to the remote server where the page is located and requests the page. The remote server, in turn, sends back all the files associated with that page. This transfer of data is called "bandwidth."
What Is Bandwidth Stealing?
You created a website and all the elements associated with that site, such as graphics, HTML files, sounds, and so forth. Under the copyright laws of most countries in the world, they belong to you, the creator. They are your property and nobody is allowed to copy or use them without your permission.
One day, while checking your server logs, you discover that the graphic you created as a link to a resource in your site has been accessed more times than the page it's located on. "How can this be," you wonder. "Shouldn't it be loaded the same number of times as the page?"
Later you're looking through the list of referral sites in your server logs. Out of curiosity, you click on the link to a site that referred the page you were wondering about. There, in the middle of the page, is a copy of your graphic and it's linked to your page. "Isn't that wonderful," you think, forgetting about the copyright issue for the moment. "He's linking to my site."
Still curious, and perhaps a little bit proud, you open and examine the source code for this page. Guess what! The webmaster did not store the graphic on his server. To save his own bandwidth, he has coded the link to call it from your server. This is called "bandwidth stealing."
How Does It Affect You?
When you obtained server space for your website, was it free? No, of course not. It's probably hosted by an ISP, and they charge you a fee for this service. The amount of the fee will vary depending on a number of factors, but let's say that you are paying $20 per month for one or two megabytes of storage space and a maximum of one gigabyte of data transfer.
Sounds like a lot, doesn't it? For many sites it's more than adequate, but if your site starts to get a lot of visitors, and if you have some large files, you'll discover that one gigabyte of data transfer is not as much as it sounds. So what happens when you exceed the limit? Well, that depends on your ISP, but it usually involves in a penalty for the transfer of additional data.
How bad can this be? Let's say 200 sites have a page with a graphical link to your site and the graphic, which weighs in at 15K, is being accessed from your server. Now let's assume that each of these 200 pages is getting 2,000 visitors per month. Based on this example, your server will be transferring an additional 6 gigabytes of data per month. The bill for this data transfer will be sent to you, and it could cost you a lot of money!
Why You Shouldn't Steal
"Do unto others as you would have them do unto you." If you think it is wrong for other people to steal your graphics and run up your server costs, then don't do it to them. Some webmasters have been forced to close their sites because of the additional cost. How would you feel if this happened to you?
There are other reasons to avoid bandwidth stealing. For one, some ISP's will shut down your website if they find out you are stealing bandwidth. You'll have to find another host. For another, it can have a negative effect on your visitors and your website.
Let's say you have some graphics in your page that are being accessed from remote servers. Each of these graphics involves a remote call, which takes time. If the remote server is busy, it will take even more time. If the remote server is down, the graphic will not load and display. If the graphic is moved or removed by the owner, you will have a broken graphic.
How does this affect your visitors? Most of them will simply go away if your page takes too long to load. A click and they're gone, possibly forever. When it does load quickly, most of your visitors will end up with a poor impression of your site if they see broken graphics. All your hard work to build a super website will be wasted.
Bandwidth stealing is a serious offense. In many countries it's a crime, with the punishment ranging from a fine to imprisonment. If the problem continues to escalate, we will probably start to hear about webmasters being prosecuted for stealing bandwidth.
How To Avoid Stealing
Simply put, you should never access a graphic, sound or any other type of file from a remote server, unless you are invited, permitted or required to by the owner of the remote website. Here are some examples of the wrong and right ways to load graphics:
Wrong: <img src="http://www.remoteserver.com/graphic.gif">
Right: <img src="graphic.gif">, or <img src="http://www.yourserver.com/graphic.gif">
The first "Right" example assumes your graphic is located in the same subdirectory on your server as the HTML document, which is often the case. If the graphic is located in a different subdirectory, then you must specify the path. For example:
Right: <img src="subdirectory/graphic.gif">
The "Right" examples will also give you control over the display of graphics in your pages. Using them, you will never have a broken graphic because a remote server is down or because the owner decides to move the graphic to another location on his server.
How To Detect Stealing
We have already looked at one way of discovering who is accessing graphics from your server — the list of referrers in your server logs. But this only works if people are clicking on the links in the referring sites to visit your page. If nobody clicks on the links, or if the graphics are not linked to your site, then there will be no telltale entries in your server logs.
Another way to find bandwidth stealers is to use the "image" search feature at AltaVista. Just enter one of the following search terms in the search box:
image:yoururl, or image:yourgraphic.gif
The first search will find all websites that are accessing an image from your server. The second will return all sites that are loading the image you named (yourgraphic.gif) in the search box. Of course, these searches will only find the sites that have been indexed by AltaVista. There is no way to search all the websites in the world.
Talk to your ISP and find out if they have any detection software installed on their servers. The technology for detecting bandwidth stealing is steadily improving, and some of it will prevent theft by blocking or redirecting illicit requests for files. If your ISP has this kind of software installed, they may be able to help you.
How To Deal With Stealers
The simplest way to deal with bandwidth stealers is to send them a polite email. Explain the problem that it causes for you. Ask them to remove the graphic or store it on their own servers. Many of them will comply with your request.
If this fails, send a complaint to the ISP that is hosting the offender's website.
To find the email address, go to WHOIS
and search the NSI Registrar database. Enter the offender's
domain name in the search box to look up all the details of
that domain, including the contact people, email and postal
addresses, and phone numbers of the offender and the host.
You can also search by name, organization, server, mailbox
and keyword.
Use RIPE to find ISP addresses in Europe and APNIC for addresses in Asia and the Pacific. If you can't find the address you're looking for at these sites, try the Root-Zone Whois Information at IANA. It will give you contact information for all the registration authorities in countries around the world.
As a last resort, phone the bandwidth stealer or initiate legal action. The former will possibly get you some verbal abuse, for people who deliberately steal bandwidth can get defensive, so you should be prepared. The latter will cost you money if your action is not successful.
Guidelines For Using Graphics
If you want to use a graphic or any other file from another website, you must first obtain permission from the owner of the site. Once approved, you must store the graphic on your own server, give credit to the original artist or author, and provide a link to the owner's website.
There are exceptions, of course. The two most obvious exceptions are counters and banners, which require you to access the graphics from remote servers and which do not require any credits. Another exception is sites that invite you to use their graphics, usually for the purpose of linking to their sites. You do not have to ask for permission, but you should follow the other guidelines.
Most award programs expect you to display their award graphics. If your website wins some awards, you should always store the graphics on your own server and link them to the award programs. This is the least you can do in return for the time it takes them to visit and evaluate your website.
To protect yourself, keep a record of all the graphics you are using from other websites. The record should contain the following type of information:
| 
