Skip to main content

Secure Your Images with Hotlink Protection

Hotlink protection is a crucial feature that prevents external websites from using your server resources by linking directly to images and media hosted on your site. This guide covers how to configure hotlink protection using the .htaccess file, helping you to secure your server’s bandwidth.

  • Understanding Hotlink Protection
  • Setting Up Hotlink Protection with .htaccess
  • How Mod Rewrite Works for Hotlink Protection
  • Using Leech Protection with mod_rewrite
  • Testing Your Setup
  • Summary

Hotlink protection stops other websites from embedding your images, videos, or other media, effectively blocking unauthorized requests. By using Apache's .htaccess file, you can prevent direct links to your resources while only allowing access from specified, approved URLs.

  1. Open your .htaccess file in the directory where your images are stored.
  2. Copy and paste the following code to define allowed URLs: ```apache SetEnvIfNoCase Referer "^http://www.example.com/" locally_linked=1 SetEnvIfNoCase Referer "^http://example.com/" locally_linked=1 SetEnvIfNoCase Referer "^$" locally_linked=1

Order Allow,Deny Allow from env=locally_linked


3. Replace `example.com` with your domain, save, and upload.

## How Mod Rewrite Works for Hotlink Protection
To enhance hotlink protection, use Apache's mod_rewrite module. This code blocks external image links unless the HTTP referrer is from your domain:
```apache
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://example.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.com/.*$ [NC]
RewriteRule \.(gif|jpg|png)$ - [F]

Using Leech Protection with mod_rewrite

To prevent leeching, ensure mod_rewrite is installed, organize media in directories, and add a .htaccess file in the image directory:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://example.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.com/.*$ [NC]
RewriteRule \.(gif|jpg|png)$ - [F]

Testing Your Setup

To verify hotlink protection, create a test page on a different server with an embedded image from your protected directory. If the hotlinking attempt results in a broken image, your setup is successful. Any authorized requests should display correctly on your website.

Summary

Hotlink protection is a simple but effective way to secure your website's resources and prevent unauthorized use of your images and media files. By following this guide, you can easily set up hotlink protection using Apache’s .htaccess file, or use mod_rewrite for advanced configurations. This setup will help preserve bandwidth, enhance security, and keep your content safe from unauthorized use.