Hotlinking is the act of utilizing a URL to access an image within the website code or directly through the image URL in a browser. By implementing image URLs within code, the server doesn’t need to consume any bandwidth or HTTP requests to provide the image. Essentially, if a URL to an image on another site is utilized within code on my site, the server of that particular site will serve the image instead of my site’s server. As instance, a URL to an image from Yahoo can be obtained for a site like the one mentioned below.
https://l1.yimg.com/dh/ap/fp/rsz/012413/home_uni_1359057924.jpg
This can be used in your code to display the image on your website. The code looks like the following.
<img src="https://l1.yimg.com/dh/ap/fp/rsz/012413/home_uni_1359057924.jpg" />
Hotlink protection is essential for website security and performance. When someone hotlinks to your website, they are essentially using your server’s resources instead of their own. This can cause your site to slow down and become overloaded if many people hotlink to your images on their own websites. Additionally, hotlinking can enable others to use your images on their site as if they are their own, which is a violation of your website’s content rights. To prevent this, you can use Hotlink protection to block the usage of your images on other sites. There are different ways to implement hotlink protection, such as through the .htaccess file or the cPanel HotLink protection feature.
Hotlink protection .htaccess code
Code can be added directly to the .htaccess to prevent Hotlinking in a directory-specific location. The following code is used to prevent Hotlinking to jpg, jpeg, gif, png, and bmp file types.
RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^https://(www.)?my-website.com/.*$ [NC] RewriteRule .(jpg|jpeg|gif|png|bmp)$ - [F] Redirecting hot-linked visitors to a specific page
You can redirect people to a specific page if they try directly accessing your images through the url of their browser.
https://www.my-website.com/restricted.html
This applies to visiting the image URL in the browser, The following code will show how to redirect anyone going to a jpg, jpeg, gif, png, and BMP file to a “restricted.html” page.
RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^https://(www.)?my-website.com/.*$ [NC] RewriteRule .(jpg|jpeg|gif|png|bmp)$ https://www.my-website.com/restricted.html [R,L] Using the HotLink Protection in the cPanel
A feature that is included in cPanel is the HotLink Protection feature. The HotLink Protection in cPanel writes the .htaccess code for you. Below are the steps for using HotLink Protection in cPanel.
- Login into your cPanel.
- Navigate to the Security section and click the HotLink Protection icon.
- Click the Enable button at the top of the screen to enable the service. Then click Go Back. You will see HotLink Protection is currently enabled.
- Ensure any URLs you want to allow hotlinking are in the list. This includes the domain that the images are on. Be sure to set both www and non-www versions.
- To allow URLs in the browser to access your images, select the Allow direct requests checkbox. This will let the visitor navigate to the URL in the browser while denying image linking through the code of a site.
