1-888-959-PAPA [7272]
HostPapa Blog / Security  / How You Can Prevent Hotlinking
21 Jun

How You Can Prevent Hotlinking

(Last Updated On: January 11, 2021)

Hotlinking happens when someone displays an image from your site by using its web link directly. They get to display the image on their website and have it sourced from your website. Each time it loads, the image is extracted from the source website’s server.

That can happen without your permission and maybe even without your knowledge.

For a simple analogy to explain hotlinking, imagine if someone used your fuel for their car. They’d be hotlinking your car’s fuel to make their own car run. Quite clearly, that’s not right.

In this article, we’ll explore the topic of hotlinking. You’ll learn what it is, why it happens, why it should be prevented, and the steps you can take to prevent it. You’ll find out how to stop other people from using your content and how to make sure you don’t engage in hotlinking yourself.

What Is Hotlinking?

Hotlinking involves a person copying the URL of an image and embedding it on their website, causing the image to display as if it was their own content. When a visitor browses the website, the hotlinked image will be retrieved from the source site via the copied URL.

It’s important to mention that hotlinking is basically one step worse than copyright infringement. It would happen if, instead of just linking to an image, you downloaded and used it as if it were yours, without crediting the owner. When hotlinking occurs, the culprit uses a web link or URL to reference the image, and may or may not identify the source.

Why Does Hotlinking Happen and What’s the Harm?

In many cases, hotlinking is unintentional. That is, the hotlinker knows what they’re doing, but they don’t know it’s wrong.

What these people don’t realize is, hotlinking can be very expensive for the owner of the image. Consider what it would be like if someone borrowed content that you either created or paid for, and used your server resources to do it! They’re basically freeloading, ignoring the investment you’ve put into your site’s content, and leeching off your server resources.

Prevent Image Hotlinking

Image credit: Ravi Chahar

In most cases, hotlinking is also illegal. When you buy a photo from a stock photo website, you receive a license to use the image. The license is for you alone, not for anyone who decides to copy the image URL and use it for themselves. It’s important that you protect your legal rights as a license holder.

As if having your content used without permission isn’t bad enough, if a large number of people hotlink to your images, it can put a lot of pressure on your website’s server. This could potentially cause your site to crash, and users will be turned away.

How Can You Prevent Hotlinking?

There are many hotlinking prevention steps you can take, and this section will describe several of the most effective ones.

Some of these tips involve finding an image of yours that has already been hotlinked, so “prevention” may not be the right word. Nevertheless, considering that most of the damage caused by hotlinking is tied to the ongoing use of your content, it’s smart to find hotlinking early and stop it before it causes a problem.

1. Figure Out if Hotlinking Is Happening

The most important thing you can do to avoid becoming a victim of hotlinking is to know it’s happening as soon as it starts. Figuring out if someone is hotlinking your images isn’t always easy. In some cases, you’ll never know it’s happening. However, running a few simple tests can help.

One way to find out if your content is hotlinked is to use Google Images. Using the following command, you can make Google search for your images on all other URLs across the internet.

inurl:yourwebsite.com -site:yourwebsite.com

This search will scan the internet for all images being used with your URL. You’ll be able to visit the site where the images are being used, making it easy for you to pinpoint who the hotlinking culprits are.

2. Add a Disclaimer Under Each Image

Like people who use signs in their yard to let others know it’s private property, you can add disclaimers under your images to highlight the fact that they’re not meant for use by other people.

You can choose any wording you want for a disclaimer, mentioning your legal rights of ownership, as well as the penalty that will be enforced if someone uses the image. Disclaimers will let everyone know not to hotlink your content, and they don’t take long to write, so this is an easy step to take.

Disable hotlinking in WordPress to protect your site

Image credit: Shout Me Loud

3. Get Hotlink Protection from Your CDN

You can use the hotlink protection offered through the CDN that your website runs on. Using this feature will prevent your website’s content from being displayed on other sites, including Pinterest, a site that sees a particularly large amount of hotlinking.

You can also enable hotlinking protection on your server, not just the CDN, so all of your content and all the channels through which it’s served will be 100% secure.

4. Employ WordPress Plugins for Hotlink Protection

Using WordPress plugins, you can add an additional layer of security to your website. The All in one WP Security & Firewall plugin comes with a built-in hotlinking prevention feature.

You can also use the plugin to disable the right-click option on your images. By disabling the right-click option, you’re making it harder for people to copy the link to your image.

5. Rename Your Image Files

If someone hotlinks one of your images, a smart approach is to simply change the URL of the image. Then, hotlinkers will not be able to display the image, because the link they used will be wrong. Instead of displaying your image, their site will display a 404 Error, but that’s the hotlinker’s problem!

Renaming your images is a great prevention step too. As a website owner, you should regularly rename your site images, as this will help you avoid having your content hotlinked.

6. Take Advantage of cPanel Protection

Just as you can enable hotlinking protection on your CDN or CMS platform, you can do the same in cPanel. This can be a great way to prevent hotlinking from happening, as it protects your site’s backend from random user requests.

Threaten Hotlinkers with a DMCA Notice

7. Threaten Hotlinkers with a DMCA Notice

If you know who the hotlinkers are, you can approach them directly and request that they stop using your content. If they don’t listen, you have the Digital Millennium Copyright Act (DMCA) on your side. You can use it to force a hotlinker to stop using your images on their site.

If you issue a warning that references the DMCA, it will be taken very seriously. They’ll know you aren’t messing around and that there will be serious consequences if they ignore the warning. When they’re faced with a very real fear of being fined or blocked, or of having their website suspended, hotlinkers will remove the links to your images fast.

8. Block Specific Domains

Another trick is to simply block specific domains from using your content. You could make a list of websites, competitors, or hackers that you suspect would have an interest in using your images, and then block them.

This technique is a good preventative step. If your list of domains to block is comprehensive, you can make this work for you.

9. Add Code to Your .HtAccess File

Our last suggestion for protecting your site from hotlinking is to add specific code to your website’s .HtAccess file. You can use the following code snippet:

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://(www\.)example.com/.*$ [NC]

RewriteRule \.(gif|jpg|jpeg|bmp|zip|rar|mp3|flv|swf|xml|php|png|css|pdf)$ – [F]

Replace “example.com” in the code snippet above with your website’s URL. You can also edit the snippet to serve hotlinkers alternative content, like another image. For example, while all legitimate users will see your licensed image, you can send hotlinkers an angry emoticon. That will drive home the point that you don’t want them to use your images.

If someone hotlinks one of your images, you can simply change its url.

Take Action Against Hotlinking!

If you take the steps we suggested above, you can avoid being a victim of hotlinking. You’ll protect the website content that you created or licensed, and you’ll provide your customers with a unique browsing experience. Plus, your hosting provider will be happy, because no one will be able to misuse the server resources that your site runs on.

Have you ever been a victim of hotlinking?

Post Tags:
María Bustillos

María is an enthusiast of cinema, literature and digital communication. As Content Coordinator at HostPapa, she focuses on the publication of content for the blog and social networks, organizing the translations, as well as writing and editing articles for the KB.

No Comments

Sorry, the comment form is closed at this time.