Question about HTTP Referers

It depends entirely upon those who are viewing the image from your embedded link on the forum. If their browsers and privacy software are configured to allow the free passing of referrers, then the server hosting the image will have source URL in their webserver logs. If some forum users are configured to block referrers, then no referrers will be logged on the image hosting server.

Of course, as you mentioned, the image hosting server will see the IP addresses of all connections pulling copies of their image, so be advised that you are not doing those forum users any great "privacy favor" by linking them to a third-party server to display images. Also, be sure that the server hosting the image(s) don't have a usage policy against that. You are causing their server resources and bandwidth to be used in order to display those images to the forum users.

 

No, referrers are passed for every object pulled from a webserver, assuming the browser and security software are allowing referrers. You don't need to hit an HTML or PHP file on the hoster's webserver.

The referrers are not captured by the object being accessed. They are logged by the webserver software regardless of the type of file being served. You don't need to execute a script or program of any type at the hosting server for all the logging to happen.

 

Yes, that is almost always true. Since the majority of people do not block referrers, almost everyone clicking a link to wilderssecurity.com from any other forum or website out on the Internet, will pass the referrer field to the webserver here. So, the URL of the webpage they were on when they clicked such a link will be passed.

If you are properly configured using that proxy service, then it should only be the TOR IP address that accesses the server here. No private IP address information should be included when using an anonymous proxy service. With referrer blocked, that field should be blank - although some referrer blocking software actually insert something specific into that field. Outpost Firewall often inserts: "Field blocked by Outpost Firewall (http://www.agnitum.com)" into the referrer field.

There's one other field to consider: User Agent. If that isn't blocked or a bogus one put into place, then information like this will be included for a Windows XP user running the latest Firefox version: "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.7) Gecko/20070914 Firefox/2.0.0.7"

If IMG tags are used to embedded a remote hosted image on a forum or website, the same information is passed. The only difference is that the people viewing that thread or webpage don't have to click on a link to have that access happen. In your example, if someone IMG tags the Wilders logo in a thread on some other forum, everyone that views that thread, and who haven't somehow disabled the automatic rendering of third-party hosted images, will access the Wilders webserver to get the image, and will pass the same information as if they had manually clicked a URL to here from that same page.

Note that I recently disabled the rendering of remote images via IMG tags here at Wilders because of the issue of privacy and tracking possibilities:

Sticky: Third-party hosted image linking disabled