It looks like you're new here. If you want to get involved, click one of these buttons!
Subscribe to our Patreon, and get image uploads with no ads on the site!
Base theme by DesignModo & ported to Powered by Vanilla by Chris Ireland, modified by the "theFB" team.
Comments
The main thing is that you can see the picture, which means I have my web server configuration right.
(That error message is supposed to appear when people try to access the picture from an unauthorised source, as demonstrated by the lack of an appropriate referrer in the requesting HTTP header (e.g., thefretboard.co.uk). It also appears when the user has excessive browser "security" settings. Typically these come about without the user's knowledge via badly-written anti-virus programs. Norton used to do it, for example, but I believe that was fixed years ago. If it is appearing on lots of people's screens, then I need to look at the other end. Some time back my provider added HTTPS functionality without bothering to tell me first. That caused some issues like the one above. I believe I have them sorted, but I'm testing to be sure.)
Browsing directly to the image should fail. The normal way to handle image read permissions on a website is to allow free access to any browser with the correct referrer. So the server at example.net would hand out the picture at example.net/myimage.jpg to any browser that requests it with the referrer "example.net". Everything works as expected. However, when some scumbag tries to steal the image and embed it in his page at scumbags.net, the example.net webserver refuses access, usually with an error message or an alternative picture (like the one you are seeing in this thread). This too is desired behaviour.
What if you (the webmaster) want to allow embedding of an image on another site (e.g., The Fretboard)? You provide the web server with an exceptions list. This, of course, I have done - thefretboard.co.uk is whitelisted on my webserver.
Unfortunately, if my reading of the server logs is correct, the Fretboard web server is stripping the referrer tag out of the HTTP header it sends to my image hosting site. My server, very properly, says "this could be any random scumbag trying to access my files" and refuses access.
I'll return to this issue and double check my assumptions a bit later, but that is what seems to be happening.
Note the missing referrer. Compare with a normal entry, which the referrer intact:
Cheer4s Idiotwind. Of course it can be spoofed. However, in the real world any leakage from spoofing is trivially small and this can in practice be ignored. The alternative is leaving yourself without any hotlink protection, and that is unacceptable. It only takes one scumbag on a very popular site hotlinking your stuff to blow your bandwidth out of the water. You are left to get through the rest of the month with all your sites down and no email either.