HostSEO Blog

Stories and News from IT Industry, Reviews & Tips | Technology Blog


What is hotlinking and how to prevent it

  • Category : Tips and Tricks
  • Posted on : Jun 19, 2020
  • Views : 736
  • By : HostSEO
Hotlinking is a process when a direct link to some media (image, video, audio file, etc) is being shared instead of a full website page where it is actually hosted.

Why should hotlinking bother you?

While hotlinking is great for the one sharing the URL, it can cause troubles for the owner of the content. First of all, such actions can be qualified as a copyright infringement, since images are displayed with no information on the author. Secondly, hotlinking uses resources (bandwidth) of the hosting account where the website is hosted.

How do I find out if the images I own are hotlinked?


There is an accurate and really simple way to check if the images you host are being hotlinked - Google Images. The following command has to be inserted in the search bar:

inurl:yourdomain.com -site:yourdomain.com
Use your domain instead of yourdomain.com.

It looks up all your website's image links, automatically removing from the results the legitimate ones (those that you actually own) leaving only hotlinked URLs.


Hotlink protection and SEO

You may wonder if the hotlink protection influences the website's ranking. It does not. Your website may even load faster because its bandwidth is not stressed by constant illegitimate requests from re-posted images. And that actually improves your ranking. The issues appear when the hotlink protection is not implemented properly and blocks access to the images for crawlers. This causes the images to not display in search results or even for the website to not being properly indexed. That is why we recommend using a hotlink protection rule or a plugin that allows specifying blank referrers and search engines as allowed fetchers for providing direct URLs to the images.

Ways to prevent hotlinking cPanel

In cPanel there is a menu called Hotlink Protection, that was created specifically for this purpose. Find the detailed step-by-step guide with screenshots here.

WordPress

There are many plugins that offer hotlink protection. For example, you may choose All In One WP Security And Firewall as a multipurpose plugin for WordPress. Configurable Hotlink Protection script deals only with one issue and allows configuring the strictness of the block. When using any plugin of this kind, make sure to backup your account before making any changes. Another useful tip is to clear cache in a cache plugin after enabling the hotlink protection (in case you use one).

General .htaccess rules

It is possible to block hotlinking by editing an .htaccess file in the root folder of the domain in question. It allows to disable usage of the direct URLs to the files, but does not block them from being displayed on the original website. The following rule should be added to the .htaccess:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]

Where yourdomain.com should be replaced with the actual website name and jpg|jpeg|png|gif are the types of files to protect.

This rule allow blank referrers - requests from users of specific firewalls and antiviruses that hide the information about the sender of the requests. Blocking blank referrers will also prevent visitors with such settings from viewing the media content on the website, specifically protected images.

To have a customized page informing that hotlinking is not allowed instead of usual error message, you may slightly modify the rule. It is necessary to specify the file to be displayed instead of a hotlinked image. The file has to be created and uploaded to a folder that is not blocked for viewing and direct linking. For example, it might be a subdomain, specifically created for this purpose or an open media storage. The rule with the customized error image link will look the following way:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ http://domain.com/nohotlinking.jpg [NC,R,L]
or

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ http://domain.com/nohotlinking.jpg [NC,R,L]

Where http://domain.com/nohotlinking.jpg is the direct link to the image you are using as a customized error message.

While saving your bandwidth from theft and maintaining stable website performance you may still want to allow certain search engines and social media platforms to access your files. This will allow the images to be shown in search results and shared via widgets. For this purpose, the hotlink protection rule can be added to the .htaccess file with special lines, specifying the allowed requests:

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yahoo.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ http://domain.com/nohotlinking.jpg [NC,R,L]

Where yourdomain.com should be replaced with the actual website name and jpg|jpeg|png|gif are the types of files to protect.
Regarding the allow referrers, it is possible to add more lines with those websites, that you want to whitelist.
Just as in the previous rule, http://domain.com/nohotlinking.jpg is the direct link to the image you are using as a customized error message.


That's it!




Need any help? Contact our HelpDesk


Subscribe Now

10,000 successful online businessmen like to have our content directly delivered to their inbox. Subscribe to our newsletter!

Archive Calendar

SatSunMonTueWedThuFri
 123456
78910111213
14151617181920
21222324252627
28293031 

Born in 2004 ... Trusted By Clients n' Experts

SEO Stars

They never made me feel silly for asking questions. Help me understand how to attract more people and improve my search engine ranking.

Read More

Emily Schneller Manager at Sabre Inc
SEO Stars

Took advantage of Hostseo's superb tech support and I must say, it is a very perfect one. It is very fast, servers reliability is incredible.

Read More

Leena Mäkinen Creative producer
SEO Stars

We're operating a worldwide network of servers with high quality standards requirements, we’ve choose hostseo to be our perfect partner.

Read More

Ziff Davis CEO at Mashable
SEO Stars

It’s very comfortable to know I can rely about all technical issues on Hostseo and mostly that my website and emails are safe and secured here.

Read More

Isaac H. Entrepreneur
SEO Stars

With hostseo as a hosting partner we are more flexible and save money due to the better packages with great pricing, free SEO n' free SSL too!

Read More

Madeline E. Internet Professional