What is a hotlink? How to block hotlinks

A hotlink is the process when a direct link to some media content (images, videos, audio files, etc.) is being shared, instead of the full web page where it is actually being. host.

Why is hotlink annoying for you? While a hotlink is great for URL sharers, it can cause problems for content owners. First of all, such actions may be considered piracy, since the image is displayed without information about the author. Second, the hotlink uses the resources (bandwidth) of the hosting account where the website is hosted.

Picture 1 of What is a hotlink? How to block hotlinks

How do I know if the image you own is hotlink or not?

There is an accurate and really simple way to check if the image you host is hotlinked - Google Images. The following command must be inserted in the search bar:

inurl:yourdomain.com -site:yourdomain.com

Use your domain instead of yourdomain.com.

It looks for all the image links on your site, automatically removes from the results legitimate links (those that you actually own), and leaves only the hotlinked URLs.

Protect against hotlinks and SEO

You may be wondering if hotlink protection affects your site's ranking. The answer is no. Your website may load even faster because its bandwidth is not affected by constant illegal requests from re-posted images. And that actually improves your rankings.

The issue occurs when the protection against hotlink is not implemented properly and blocks access to the crawler image. This prevents the image from showing up in search results or even the web page from being indexed correctly.

How to block WordPress hotlinks

Picture 2 of What is a hotlink? How to block hotlinks

There are many plugins that provide anti-hotlink protection. For example, you can choose All In One WP Security And Firewall as the versatile plugin for WordPress. Script Configurable Hotlink Protection solves only one problem and allows configuring block severity (block).

When using any plugin of this type, make sure to back up your account before making any changes. Another useful tip is to clear the plugin cache after enabling anti-hotlink protection (in case you use it).

General .htaccess rules

The hotlink can be blocked by editing the .htaccess file in the root directory of the domain in question. It allows to disable the use of URLs directly to files, but does not block them from displaying on the original web page. The following rule will be added to .htaccess:

RewriteEngine on RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?yourdomain.com [NC] RewriteRule .(jpg|jpeg|png|gif)$ - [NC,F,L]

Replace yourdomain.com with the real site name and jpg | jpeg | png | gif are the file types to protect.

This rule allows requests from firewall users and specific antivirus programs to hide information about the sender of the request. This will prevent a visitor with such settings from viewing media content on the website, in particular protected images.

To have a custom page that says hotlinks are not allowed, instead of the usual error message, you can slightly modify the rule. Need to specify the file to be displayed instead of the image to be hotlinked. The file must be created and uploaded to an unbounded directory for direct viewing and linking. For example, it could be a subdomain, created specifically for this purpose, or an open media memory. The rule with custom error image binding would look like this:

RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www.)?yourdomain.com/.*$ [NC] RewriteRule .(jpg|jpeg|png|gif)$ http://domain.com/nohotlinking.jpg [NC,R,L]

Or:

RewriteEngine on RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?yourdomain.com [NC] RewriteRule .(jpg|jpeg|png|gif)$ http://domain.com/nohotlinking.jpg [NC,R,L]

Where http://domain.com/nohotlinking.jpg is a direct link to the image you are using as a custom error message.

While this helps prevent your bandwidth from being stolen and maintains stable website performance, you may still want to allow some search engines and social media platforms to access your files. This will allow the image to be displayed in search results and shared via widgets. For this purpose, the hotlink protection rule can be added to the .htaccess file with special lines, specifying the allowed requests:

RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?yourdomain.com [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?google.com [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?bing.com [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?yahoo.com [NC] RewriteRule .(jpg|jpeg|png|gif)$ http://domain.com/nohotlinking.jpg [NC,R,L]

Replace yourdomain.com with the real site name and jpg | jpeg | png | gif are the file types to protect.

Update 27 October 2020
Category

System

Mac OS X

Hardware

Game

Tech info

Technology

Science

Life

Application

Electric

Program

Mobile