Tutorials

How To Stop Image Hotlinking with .htaccess

Google+ Pinterest LinkedIn Tumblr

You can stop others from hotlinking your site’s files by placing a file called .htaccess in your site root (main) directory. The period before the name means the file is hidden, so you may want to edit your file as htaccess.txt, upload it to your server, then rename the txt file to .htaccess in your directory. Contact your web host on how to access your directories and configure your .htaccess file.

Before writing code to your .htaccess file, there is an online site which provides you create your Hotlink protection of images file.

Htaccess Tools

Use this generator to create a .htaccess file for hotlink protection of your images and pictures. Hotlink protection can save you lots of bandwidth by preventing other sites from displaying your images.
Example: Your site URL is www.wparena.com. To stop hotlinking of your images from other sites and display a replacement image called hotlink.gif from our server, place this code in your .htaccess file:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+.)?wparena.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*.(jpe?g|gif|bmp|png)$ http://altlab.com/hotlink.gif [L]

The first line of the above code begins the rewrite. The second line matches any requests from your own wparena.com URL. The [NC] code means “No Case”, meaning match the URL regardless of being in upper or lower case letters. The third line means allow empty referrals. The last line matches any files ending with the extension jpeg, jpg, gif, bmp, or png. This is then replaced by the hotlink.gif image from the altlab.com server. You could easily use your own hotlink image by placing an image file in your site’s directory and pointing to that file.

To stop hotlinking from specific external domains only, such as myspace.com, blogspot.com, and livejournal.com, but allow any other website to hotlink images:

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(.+.)?myspace.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+.)?blogspot.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+.)?livejournal.com/ [NC]
RewriteRule .*.(jpe?g|gif|bmp|png)$ http://altlab.com/hotlink.gif [L]

You can add as many different domains as needed. Each RewriteCond line should end with the [NC,OR] code. NC means to ignore upper and lower case. OR means “Or Next”, as in, match this domain or the next line that follows. The last domain listed omits the OR code since you want to stop matching domains after the last RewriteCond line.

You can display a 403 Forbidden error code instead of an image. Replace the last line of the previous examples with this line:

RewriteRule .*.(jpe?g|gif|bmp|png)$ - [F]

Warning: Do not use .htaccess to redirect image hotlinks to another HTML page or server that isn’t your own (such as this HTML page). Hot linked images can only be replaced by other images, not with an HTML page.

As with any htaccess rewrites, you may block some legitimate traffic (such as users behind proxies or firewalls) using these techniques.

Noor Mustafa Raza

I am a WordPress Developer and Designer, author @WPArena. I am providing Free WordPress consultation and can help you to install WordPress in a secure way to small businesses and bloggers.

Write A Comment

Pin It