Help fight hotlinking

  • Resolved madmax4ever

    (@madmax4ever)


    1 year, 10 months ago

    Hello,

    MailPoet is great, allowing us to use any WordPress or WooCommerce ressource in your website, but the MAJOR drawback of having a WordPress integrated newsletter solution like MailPoet is hotlinking!
    As you need customers to view your emails images, and as MailPoet do not embed them in the email (which is great), you live a hard time fighting hotlinking as every directory must be accessible to any webmail domain your customers may use!

    But if MailPoet could copy any image used in an email under a specific directory (even better if it’s in a subdir of this directory dedicated to each mail) prior to sending it, webmasters would just have to allow free access to this directory.
    Everything else could be protected against hotlinking!

    In the way I see it for now, MailPoet is a real SEO killer to websites as a consequence of that hotlinking issue that allows toxic backlinks you then need to disavow in Google Search Console…

    I really wish you could add a new feature to do so (copy files in a different directory).

    As a second gain, the sent emails would remain visible and accurate as long as you keep the email’s specific directory. Even if you delete the original image (or product for that matter if you use WooCommerce)!

    I hope you’ll be interested in such a feature.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Bruna a11n

    (@bruberries)

    Hi @madmax4ever,

    We hear you, thank you for the honest feedback.

    It’s true that if you have hotlink protection enabled, it should affect how your images are rendered in the newsletter when viewed by your subscribers, and you’d have to disable it or host the images on a different server to fix it.

    I really wish you could add a new feature to do so (copy files in a different directory).

    Feel free to add it as a suggestion here?https://feedback.mailpoet.com

    Our team will take it into account when discussing new features and improvements for the plugin ??

    Thread Starter madmax4ever

    (@madmax4ever)

    Hello,

    I’ve done it the same day I posted here.

    I’ve worked on this subject (important one for us) and already found a way to deal with newsletters (but not automated mails if I make no mistake…).

    I used a filter MailPoet offers to do so. It makes no change for newsletter editor but make copy of images and changes the images URL accordingly at render time (so before the mail is actually sent).

    I share it here (you may need to adapt here to fit your needs):

    add_filter('mailpoet_sending_newsletter_render_after_pre_process', 'mr_process_mail', 10, 2);
function mr_process_mail ($aRenderedNewsletter, $oNewsletter) {
	$aRenderedNewsletter['html'] = mr_process_images( $aRenderedNewsletter['html'], $oNewsletter->getId() );
	return $aRenderedNewsletter;
}

function mr_process_images( $sHtml, $iId ) {
	// CREATE DIRECTORY
	$sDestDir = '/wp-content/uploads/mailpoet/newsletter_images/' . $iId;
	if ( !file_exists( ABSPATH . $sDestDir ) ) mkdir ( ABSPATH . $sDestDir, 0755, true );
	$sDetectionRegExp = '#(<img[^/>]+)(?<=\s)(src=)(\"|\')([^\"\']*)(\'|\")([^/>]*/>)#miUs';
	$sResult = preg_replace_callback( $sDetectionRegExp, function( $matches ) use( $sDestDir ) {
		// COMPUTE URI
		$src = $matches[4];
		$new_src = preg_replace( '#(.*)/wp-content/(.*)/([\w-]+)(\.(jpe?g|png|gif|webp|avif|svg))$#iU', '$1'.$sDestDir.'/$3$4', $src );
		$new_src = preg_replace( '#(.*)/wp-content/(.*)/([\w-]+)(\.(jpe?g|png|gif|webp|avif|svg))\?(.*)$#iU', '$1'.$sDestDir.'/$3$4?$6', $new_src );
		// COMPUTE PATHS
		$site_url = get_site_url(null, '/');
		$src_file = preg_replace('' . $site_url . '', ABSPATH, $src);
		$src_file = preg_replace('\?(.*)$', '', $src_file); // Remove query string
		if ( file_exists( $src_file ) ) {
			$dst_file = preg_replace('' . $site_url . '', ABSPATH, $new_src);
			$dst_file = preg_replace('\?(.*)$', '', $dst_file); // Remove query string
			// COPY FILES
			if ( file_exists( $dst_file ) ) unlink( $dst_file );
			if ( ( $in = fopen( $src_file, "rb" ) ) && ( $out = fopen( $dst_file, "wb" ) ) ) {
				while ( !feof( $in ) ) {
				  $buffer = fread( $in, 64 );
				  fwrite( $out, $buffer );
				}
				fclose( $out ); 
				fclose( $in );
				return $matches[1].$matches[2].$matches[3].$new_src.$matches[5].$matches[6];
			}
			return $matches[0]; // No change
		}
		return $matches[0]; // No change
	}, $sHtml );
	
	return $sResult;
}

    Still looking for a solution/some filter to make it work in others cases (automated mails).

    As MailPoet already manages a cache and thumbnails for templates and sent mails, I think this should be more simple for your team to do so…

    • This reply was modified 1 year, 9 months ago by madmax4ever.
    Thread Starter madmax4ever

    (@madmax4ever)

    My bad: I must have made a mistake (or deactivation) during my tests.

    This also works on automated emails, so I guess I have my own solution!

    Thanks.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Help fight hotlinking’ is closed to new replies.