How to Prevent Hotlinking to Your Website

10 Jan, 2024

Hotlinking is something that every web designer or developer understands. However, if you are an average website owner, there is a chance that you might not even have heard the term hotlinking.

Most web admins consider hotlinking a bad practice, and they should disable hotlinking. Otherwise, it will be a challenging situation for your website.

This blog post will explain what hotlinking is and the disadvantages, how you can protect your website from hotlinking, etc.

Keep reading.

Hotlinking: What Is It?

Imagine you are running a wildlife photography website. You have spent so much money and effort to take eye-catching photos, and you keep uploading those photos to your website.

Now some people are running the same type of website. Instead of taking the photos themselves or buying from any image marketplaces, they found your website and used the images you uploaded.

Technically, they have two options to publish your photos on their website.

They can visit your website, right-click on your images and save them to their computer. And then re-upload those photos to their website. In this case, they steal your content and gain from your hard work.

The second option is a little bit different from the first option. Instead of re-uploading your images to their hosting server, they will directly display them on their website by linking from your site.

In this situation, they are not only stealing and using your content, but also they are stealing your bandwidth and CPU. So every time a visitor views your images on their website, they are using your hosting resources.

Let me explain to you how.

Suppose their website is relatively well-known and used to get decent web traffic. If so, your hosting company charges you for their bandwidth usage as well.

They are saving their disk space and bandwidth usage by pulling those image files from your web server and letting you pay for it.

It is like your neighbor uses your parking slot and WiFi for free.

Hotlinking: Why You Should Avoid It

I hope hotlinking is now clear to you.

Now I am asking you. Are you hotlinking others’ content on your website? Let me tell you frankly; you should stop using hotlinking.

Hotlinking will only negatively impact one person, the original website owner.

If you are hotlinking from other’s content, the reason would be it is effortless to use the assets from their websites on to your website. I can understand that.

But the reality is that hotlinking will harm them the most.

Now let me tell you why you should not use hotlink, and I have five reasons.

1 – The unauthorized use of digital content is unethical. Reusing content without the owner’s permission is called digital theft.

Sometimes the content may be available under a Creative Commons license issued by the content creator itself. Otherwise, you must obtain permission and usage rights before using those images on your website.

2 – They are paying more for hosting because you drain their resources. As I said earlier, whenever someone visits a hot-linked image on your website, it utilizes the origin server’s bandwidth and CPU resources.

So technically, you are stealing the content from the creator and the website hosting resources from the website owner.

3 – Website owners can take legal action against you. Hotlinking a copyrighted image and other digital assets will lead you to a legal battle with the content creator.

Suppose the original website owner sent you a copyright infringement notice, and you fail to take down those assets. Then the original owner can file a lawsuit against you.

4 – The hotlinking file is entirely beyond your control. A hot-linked image file is connected to the original website server. Suppose the original website owner decided to rename or delete the content at any time. In that case, that will affect your website as well. Your visitors will see a 404 Not Found error on your website. Do you want that to happen?

What if the website owner decided to change the image entirely? It is now totally irrelevant to your website. Of course, they can play with you.

5 – Hotlinking makes you look unprofessional. Due to the bad reputation of the hotlinking strategy, adopting this method will poorly reflect on you.

Your visitors may think you lack originality and don’t respect others’ rights. That will impact you very severely.

Instead of Hotlinking, Do This

Okay, based on my explanation now, I hope you have decided to stop using hotlinking.

You might be wondering what you will do instead of hotlinking. And you still need to use images on your website. I can guess that, don’t worry.

When you use someone else’s images, the most vital part is ensuring that you have permission from them.

There are so many images that you can freely use without worrying about copywriting issues.

Or you can directly ask the website owner and seek permission to use those images on your website. Suppose you are ready to give proper credit back to the original owner of the digital assets. Then they will be delighted to allow you to use those files.

You cannot use some images unless you pay to use them — for example, strictly copyrighted photographs.

Okay, now you have acquired permission from the original website owner or bought those images yourself.

You need to download those images and upload them to your website hosting server. In this way, you will not steal their website bandwidth and resources. And they will be happy.

For some reason, you were unable to acquire the image you needed. In that case, you can try these alternatives:

1 – Replace the image with a similar one.

I am sure you can find a similar image and then use that image to convey the message. There are free alternatives like Unsplash or paid options like Shutterstock. You can try to find similar images from these websites.

2 – Instead of the image, use a link to the page.

Unfortunately, suppose you cannot find a similar image as an alternative. In that case, you can consider adding a link to the original website page.

In this case, you may not be able to display the image exactly the way you wish to. But your visitors will still get the opportunity to see the image by clicking on the link you have added.

So, your visitors can go to that website and view the original image.

The Best Way to Prevent Your Site From Being Hotlinked

You need to make sure that you have hotlink protection in place to prevent others from stealing your content and bandwidth.

Yes, for that, you need to disable the hotlink feature. Before we proceed, I wanted to tell you that enabling hotlinking protection will not hurt your websites present in Google search results.

Unless you block search engines from indexing your images, your search engine optimization efforts won’t be unaffected. And I don’t think you will restrict search engines purposely. So we are good to go here.

I will tell you four ways to protect your digital assets from getting hotlinked.

1 – Enable Hotlink Protection From DirectAdmin

If your website is hosted with Rovity, you can enable hotlinking protection very quickly from your DirectAdmin control panel. This is the most effective and easiest way to protect being hotlinked.

If you are not hosted with Rovity, you may have control panels that offer similar features. Otherwise, I recommend you consider Rovity to host your websites and start protecting your digital assets immediately.

Now please login to your DirectAdmin control panel and click on the Hotlinks Protection icon. You can see this icon under the Account Manager section.

Hotlinks Protection Icon DirectAdmin

You will then see the hotlink protection management page of DirectAdmin.

Click on the Enable Hotlinks Protection button, and DirectAdmin will instantly activate hotlink protection for your domains.

Hotlinks Protection Page DirectAdmin

The rest of the default settings will work fine in most cases, so you can leave it as it is.

I hope this will be the easiest method to prevent the hotlinking of your website from others.

2 – Enable Hotlink Protection Using .htaccess File

Suppose you don’t have access to a control panel like DirectAdmin. In that case, you can use the .htaccess file to enable the hotlinking protection.

For that, you need to use any FTP clients like FileZilla and then modify your .htaccess file. I will show you how to edit the .htaccess file using the default File Editor option inside the DirectAdmin control panel.

It is easy to edit your files through the control panel if you have it. Otherwise, you can use additional options like FTP. But the method that I’m going to show you will be the same for any file modification.

So log into your DirectAdmin control panel and click on the File Manager icon. It will be under the System Info & Files section.

Once the File Manager opens, navigate to the root folder of your WordPress directory. Usually, it will be under the public_html folder.

In that folder, you can see the .htaccess file. Now double click on the file icon, and then the File Editor window will pop up.

You can copy the below code, paste it into your .htaccess file, and then click on the Save button.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)? [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)? [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)? [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)? [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)? [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ – [NC,F,L]

Please make sure you have changed and replaced it with your actual domain name.

Enable Hotlink Protection Using Htaccess File

3 – Enable Hotlink Protection Through Your CDN

There are many benefits of using an effective Content Delivery Network (CDN) for your WordPress website. Having a CDN will increase the content delivery speed. It will provide you with better performance for your visitors.

Most CDN providers also offer a way to manage your assets, including hotlinking protection.

Tier 1 Network Partners. < 30ms Global Latency.

Get access to our vibrant CDN for FREE and have a blazing fast website next to your customers; wherever they live.
In India, we have PoPs in Bangalore, Chennai, Mumbai, and New Delhi.

At Rovity, we are also offering a premium CDN for free. We have enabled hotlinking protection for your website by default.

Are you using any other 3rd party CDN providers? Then you need to check the CDN control panel to see if they offer hotlinking protection for your CDN serving images.

Here I will show you how to enable hotlinking protection for your images serving through Cloudflare CDN.

You can activate hotlinking protection for your domains by logging in to your Cloudflare dashboard. Then click on the Scrape Shield menu from the left side menu bar.

On the Scrape Shield page, you will see the Hotlink Protection option. Just toggle on, and Cloudflare will change the settings immediately.

Hotlink Protection Cloudflare

Cloudflare will then serve your sites with hotlink-protected images once you activate it. Currently, Cloudflare offers hotlinking protection for the following image file formats: gif, ico, jpg, jpeg, and png.

4 – Enable Hotlink Protection Using a WordPress Plugin

For any reason, if none of the above solutions are available to you, then you can consider installing free WordPress plugins to protect your images from being hotlinked.

WP Content Copy Protection & No Right Click plugin will help you here. This plugin will block your visitors from copying text and disable the right-click feature on your website.

Suppose you have enabled the right-click prevention option. In that case, the thieves won’t be able to save any assets using the direct link to your content files.

So to enable the right-click protection on your WordPress website, you need to install this plugin and activate it.

Once this plugin is installed, click on the Copy Protection menu from the left side and open the Premium RightClick Protection tab.

Here you can disable right-click on Posts, Home page, and Static pages.

Copy Protection RightClick Premium

Now, scroll down and click on the Save Settings button.

Alternatively, you can use All In One WP Security & Firewall and Secure Copy Content Protection and Content Locking plugins.

I hope this article helped you find a better way to acquire content for your website. Did you find it very easy to disable and prevent hotlinking protection from your DirectAdmin control panel?

If you like it, I invite you to try Rovity to host your WordPress websites. We are one of the fastest-growing hosting service providers that focuses on the security and performance of your WordPress website.

You can try Rovity using our monthly plan, and I am sure you will love Rovity.

We already have many satisfied clients who have migrated from expensive WordPress managed services. They are now saving a massive amount from their hosting subscription costs, and their websites are now flying.

Jafar Muhammed

Jafar Muhammed has 10+ years of experience in WordPress, web hosting, domain names, DNS, CDN, server administration, etc. He is an open web advocate. He is the CEO of Rovity, the fastest-growing premium shared hosting startup in India.