If you cannot see images at all on my site click here for an explanation

No Photos?

Last update Jan 21, 2020


If you are not seeing any pictures at all on my site the reason is simple; however, the explanation is complicated.

If you see this image, but not this image,
(they should look the same) 

then this page will explain your problem


Your firewall is replacing the html header referring page field with an advertisement for itself, or you are viewing my pages using the Google translate utility. (My friend, webmaster, is working on a solution for the translate problem)


html headers
When your web browser requests a file from my server, your browser includes a string of data called the html header. Among other items, this string includes your IP (Internet Protocol) address. Your IP address is required so my server knows where to send the file back to.

Another important component in the html header is the referring page field which contains the address of the page you were viewing which requested this file. If you clicked a link which sent you here, that page's address is included. For an image, the referring page would be the page the image is shown on.

This is what your computer is reporting as your referring page, which would be the page you just came from.


The referring page data is very useful in analyzing the traffic to my website. For example if you clicked a link which pointed to a missing page (Error 404, file not found) I can find the referring page with the defective link and fix it.

Firewall blocking
For some reason a few firewall companies seem to think this is an invasion of your privacy, despite the fact that it is impossible to find out who you are from this info, without a court order. Your IP address can only be connected to you personally by your Internet Provider, and they don't let that information out except to law enforcement people, and then only if you have done something really bad and a court has instructed them to release the information. Blocking the rest of the data doesn't protect your privacy either because, since the IP address must be included, you can still be identified, if neccessary.

Bandwidth or more accurately, data transfer
While you can visit my website for free, I pay a monthly fee for the hosting of my site. What I pay isn't excessive, but there are restrictions on my service. I am allowed only a certain amount of data transfer a month. Data transfer is the total of all the files viewed on my site, times the file sizes, times the number of times each file is viewed. If my site uses more data transfer than my allotment, I have to pay extra, or they turn my site off.

Bandwidth Theft
Also known as inline linking, hotlinking, leeching, or direct linking. Here's a Wikipedia article on bandwidth theft.
What most people don't realize is when you see an image on a webpage or blog, it is possible that image could be coming from a different computer than the one hosting the webpage you are viewing. This is using the other person's bandwidth, and is referred to as bandwidth theft. MySpace.com is the world's worst offender of this type of bandwidth theft. MySpace makes money by selling advertising on their pages, then they encourage their members to populate their blogs by inserting pictures pulled from other servers. By using other people's bandwidth, MySpace doesn't have to pay for either the bandwidth or file storage space, which are the two most costly portions of a website.

While bandwidth theft is not illegal, it is generally considered unethical. Imagine hundreds of people using your cell phone without your permission. My webmaster recently helped a friend revamp his site. After analyzing his log files, he realized his bandwidth theft was 70 times the data transfer his actual site was consuming, and that was from only 2 pictures being embedded on numerous MySpace blogs. Luckily his site was very small and the total data transfer was still below his allotment. HorseHints is growing steadily. I cannot afford the bandwidth theft.


At one time my webmaster had passwords on his picture files, but that required his visitors to enter a username and password before they could see his galleries. In addition, due to some technical issues, he was unable to protect pictures on the main index or thumbnail pages with that system. He had a lot of bandwidth theft from those areas that he couldn't password protect. He spent allot of time moving files around trying to stay ahead of the bandwidth thieves.

Around the middle of 2006, he discovered a way to use the referring page header information to control access. His server analyzes the referring page field, if the field indicates the page containing the image is located on his site, CowboyFrank.net, or the field data is missing, then the image is sent to the visitor. If the referring page field contains anything else, the image is refused. This puts an additional workload on his server, but has completely eliminated all his bandwidth theft.

If you have a blog on MySpace.com and you try to embed a photo from his server in your "space", or in my case, HorseHints.org, the header lists the referring page as being on "MySpace.com" rather then "CowboyFrank.net", or HorseHints.org, so his server refuses to deliver the image. He has instituted this firewall block on HorseHints.org to circumvent bandwidth theft on my site.

Your problem

If you are unable to see my pictures, your firewall is not just blocking the referring page header field, it is actually replacing it, usually with an advertisement for itself. Sometimes I see a line in my logs such as "field blocked by such-and-such firewall". This doesn't match "HorseHints.org" so is server refuses the request for the image. If your firewall was just blocking the field, leaving it blank, his server would have sent you the image and you wouldn't be reading this.

What can you do?

Tell your firewall not to block that portion of the html header, or better yet, get another firewall which isn't trying to promote itself to all the websites you visit. (I might call that reverse popup advertising) The firewall contained in Windows XP SP2 is decent and is part of your operating system. Most of the commercially available firewalls are also good. It is just a few that think they need to stick their name in web server logs which are only seen by an extremely small number of people.

I am told by a visitor that in Zone Alarm the option to show headers is right next to persistent cookies and web bugs.