I noticed that I was getting a lot of referrer traffic from one site in particular, and took a look. I didn't notice any links to my page from that site, so I had a peek at the source code.
Appearantly, this guy copied a line from my page that linked to a Javascript file so he could use the visual effect on his own site. What really annoys me is that the line in question was added by the WP-Wetfloor plugin and it said so as a comment. Instead of simply finding the plugin himself, he not only copied the line, but the comment as well...
Anyway, I created a file called leech.js with this content:
alert("BANDWIDTH LEECH! Please do not steal other people's bandwidth!");
Then I added this to my .htaccess file:
# this should teach him not to leech bandwidth
RewriteEngine on
RewriteCond %{HTTP_REFERER} badsite\.com [NC]
RewriteRule .*/reflection.js /leech.js [L]
Now when you go to his page, the first thing that happens is an annoying popup with that message.
Note that I could be much more evil and include any javascript code I want in that leech.js file. I could completely rewrite his entire site with another one. I could redirect his visitors elsewhere. I could even steal his cookies and gain admin access to his site by stealing his password.
So this is just a friendly reminder to everybody to be careful when they link to code on other sites. :D
DWRZ
