Ok you're probably aware that some people out there are not honest, and may *gasp* try to make money off your hard earned work. The most malicious is linking THEIR page with THEIR ads to YOUR images/movies and eating YOUR bandwidth and server resources, quite possibly making it too slow to process requests. Let's make sure that doesn't happen. Add this to your host's .htaccess file (my example host is mydomain.com):

RewriteCond %{HTTP_REFERER} !^http://.*mydomain.com [NC]
RewriteCond %{HTTP_REFERER} !^http://123.45.67.89 [NC]
RewriteCond %{HTTP_REFERER} !=""
RewriteRule .*\.(gif|GIF|jpg|JPG|mpg|MPG|Mpeg|mpeg|MPEG|rm|RM| avi|AVI)$
http://www.mydomain.com/403.htm [R,L]

When a surfer's browser makes a request for a certain url with one of the above extensions (such as a .gif image), it will check the conditions to make sure the referring page starts with http://(any).mydomain.com/, the IP http://123.45.67.89 (also mydomain.com), or no referrer. If it doesn't, the server will return my 403 denied page. Make your 403 page small, as it will probably be served many many times by people and bots out there linking for content to hotlink to. Another important note: some major media players do not send the referring url! This is a big problem for movies. A good work around is to set a cookie in the html page and add that check to the .htaccess file. Only surfers that have seen your page (and your ads) will have the cookie set and be allowed to view the movies.
Javascript code to add to html page between <head></head> tags:
<script type="text/javascript" language="Javascript">
var expires = new Date ();
expires.setTime(expires.getTime() + 24 * 60 * 60 * 1000);
document.cookie = "ssid=valid; path=/" + "; expires=" + expires.toGMTString();
</script>
This sets the cookie 'ssid' for 24 hours. If you want to hide the cookie code so people can't see it when they view the html source, use:
<script type="text/javascript" language="Javascript" src="cookie.js"></script>
and save the rest of the code to the 'cookie.js' file.
Add to .htaccess file:

RewriteCond %{HTTP_COOKIE} !^.*ssid=valid.*$
Of course you only want to use cookies on the pages with actual movies. If your host has pictures and movies (line mine), copy the main .htaccess file into the directory with the movies then add the cookie code. No sense in using it all over your site, since it's not needed for static images. In this case I like to change the cookie name to be unique to each directory, just in case.
The downside with using cookies is 1) some people don't have then enabled ( well too bad for them!) and 2) some TGP's don't accept galleries with JavaScript code. That's unfortunate but there's no way I would consider dropping the extra cookie protection, considering someone hotlinking your movies could bring your server to its knees, while making HIM money!

Hope that is of some use to you

Regards,

Lee