diff --git a/upload.go b/upload.go
index aaf5f0b..419dc05 100644
--- a/upload.go
+++ b/upload.go
@@ -138,6 +138,11 @@ func uploadPutHandler(c web.C, w http.ResponseWriter, r *http.Request) {
 }
 
 func uploadRemote(c web.C, w http.ResponseWriter, r *http.Request) {
+	if !strictReferrerCheck(r, Config.siteURL, []string{"Linx-Delete-Key", "Linx-Expiry", "Linx-Randomize"}) {
+		badRequestHandler(c, w, r)
+		return
+	}
+
 	if r.FormValue("url") == "" {
 		http.Redirect(w, r, "/", 301)
 		return