Servergrove: How to stop people from hotlinking your image files

When someone links directly to an asset on your server, say an image or, even worse, a video file, the asset will appear on the other site but be hosted on your server. This method is called hotlinking or image leeching and, when done without permission, is nothing short of bandwidth theft, since it uses your bandwidth and the other site gets credit for it. We recently had a case where a well-known high-traffic blog hotlinked an entire image gallery from one of our clients. Of course our client, who was hosted on a Mini account, blew his bandwidth allotment by a mile. Fortunately, our server sent him a notification, and when he contacted us we easily rectified the problem.

Here is how to prevent hotlinking: open your root .htaccess file and paste the following code:

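RewriteEngine on
# Let requests with no Referer header through (direct visits, privacy tools)
RewriteCond %{HTTP_REFERER} !^$
# Let your own pages through, over http or https (dots escaped so they match literally)
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?your-domain\.com/.*$ [NC]
# Answer every other request for an image or movie file with 403 Forbidden
RewriteRule \.(gif|jpe?g|png|mov|avi|wmv|mpe?g)$ - [F,NC]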

Make sure to replace “your-domain.com” with your actual website domain. The above example will block images and movie files from being hotlinked. If someone hotlinks to your assets, they will get an “image not found” icon on their page. If you want to allow a friendly URL to hotlink assets from your site, simply add the following line before the RewriteRule line:

RewriteCond %{HTTP_REFERER} !^https?://(www\.)?friendlyURL\.com/.*$ [NC]

And repeat the above code for every domain you wish to make an exception for.
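
Before deploying, you can check which requests the rule set will refuse. The following is an added example, not code from the original post: a small Python model of the conditions, assuming the patterns are written with escaped dots and accept both http and https. The function names and sample requests are constructed for illustration.

```python
import re

# Mirrors the RewriteCond allow-list (assumed form: escaped dots, http or https).
ALLOWED_REFERERS = [
    re.compile(r"^https?://(www\.)?your-domain\.com/.*$", re.IGNORECASE),
    re.compile(r"^https?://(www\.)?friendlyURL\.com/.*$", re.IGNORECASE),
]
# Mirrors the RewriteRule pattern with the NC flag.
PROTECTED = re.compile(r"\.(gif|jpe?g|png|mov|avi|wmv|mpe?g)$", re.IGNORECASE)


def decide(path, referer):
    """Return the status the rule set would produce: 403 (refused) or 200."""
    if not PROTECTED.search(path):
        return 200  # RewriteRule pattern does not match, rule is skipped
    if referer == "":
        return 200  # the "!^$" condition fails, so an empty Referer is served
    if any(p.search(referer) for p in ALLOWED_REFERERS):
        return 200  # one of the negated conditions fails: listed site
    return 403      # all conditions held, [F] applies


# Constructed sample requests: (requested path, Referer header value).
SAMPLES = [
    ("/gallery/cat.jpg", "https://www.your-domain.com/gallery/"),  # own page
    ("/gallery/cat.jpg", "http://some-blog.example/post/1"),       # hotlink
    ("/gallery/cat.JPG", "http://some-blog.example/post/1"),       # upper-case ext
    ("/gallery/cat.jpg", ""),                                      # no Referer
    ("/gallery/cat.jpg", "http://friendlyurl.com/page"),           # friendly site
    ("/index.html", "http://some-blog.example/post/1"),            # not protected
    ("/gallery/cat.jpg", "http://your-domain.com.other.example/"), # lookalike host
]


def run(samples):
    """Evaluate every sample and return the list of resulting status codes."""
    return [decide(path, referer) for path, referer in samples]


if __name__ == "__main__":
    for (path, referer), status in zip(SAMPLES, run(SAMPLES)):
        print(status, path, repr(referer))
```

The empty-Referer row is served because the first condition lets such requests through, so the rule limits bandwidth use by other sites' pages rather than controlling access to the files.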
