Hotlinking protection with easy and working methods

Why your website is suspended by your hoster? Why your bandwidth can’t take you to the end of the month? You don’t have many hits or visits on your site, but your RAM and CPU are full! You must upgrade your plan! Yes, you must upgrade your hosting plan (This is the exact email you get from your hosting company) and you don’t know why it happens to your resources.

This upgrades are not for free and you must pay for them!

let’s consider you have upgraded your resources. This solution is not for the long term, CPU and RAM are overloaded and your package is suspended by the company. So, what is the real solution? Our answer is to avoid Hotlinking. stay with MAN (MyAdviseNow) and solve this problem together.

What is Hotlinking?

Hotlinking is known as the act of stealing someone’s bandwidth by linking directly to their website’s assets, such as images or videos. For example, let’s say the owner of website A is hosting a particular image on their server. The owner of website B sees that image and decides he wants it featured on his website as well. However, instead of downloading the image and hosting it on his own server, the owner of website B links directly to website A’s domain. Therefore, instead of linking to the image via their own domain such as:


They would be instead using website A’s domain:


Hotlinking someone’s website assets can vastly increase their hosting costs. Credit goes to KeyCDN.

How to Avoid Hotlinking in CPanel?

Hotlink protection is a security feature in cPanel designed to reduce bandwidth consumption. It works by preventing third-party websites from directly linking to your content (for example, pulling in images hosted on your server for display on their own web pages).

You can whitelist specific URLs for permitted access to files, nominate specific file types to protect or redirect requests to a specific URL of your choosing.

To set up Hotlink protection in cPanel, head to Security < Hotlink Protection. Credit goes to: Hostpapa

Hotlink Protection option is available in CPanel.

How to Avoid Hotlinking by editing Htaccess?

By entering the lines below into an .htaccess file, you can prevent hotlinking to your website:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$ [NC] 
RewriteRule \.(gif|jpg)$ [R,L]

In the example above, change ‘’ to your website URL. This causes any hot-linked image to fail to load. You can change the last line to point to any image you like. This image should explain that hotlinking is disabled on your server.

The examples below use http. If you have added an SSL certificate to your site, make sure you adjust the code to use https instead.


Here is another example:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^*$ [NC] 
RewriteCond %{HTTP_REFERER} !^*$ [NC] 
RewriteRule .*\.(gif|jpg|jpeg|bmp)$ [R,NC]

You can change the last line to point to any image you like. This image should explain that hot linking is disabled on your server.

Blocking specific domains using htaccess hotlinking protection

The following code fails to load a hotlinked file, but no error is thrown. So, if the site contains a hotlinked image to your site, it would fail to load on their site:

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(www\.)?example\.com(/.*)*$ [NC,OR]
RewriteRule \.(jpeg|JPEG|jpe|JPE|jpg|JPG|gif|GIF|png|PNG|mng|MNG)$ - [F]

To protect other resources, such as video and audio files, add additional extensions to the RewriteRule parentheses block.

Allowing only specific domains for hotlinking using htaccess:

The following code only allows specific sites to load content. For example, the site has all of the content. The following code allows only and to load the content. All other sites attempting to request any resource fail to load the resource, but no errors are thrown:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www\.)?dreamhost\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(jpeg|gif|png)$ - [F]

In addition, since a user agent may not always specify an HTTP_REFERER value, the RewriteCond %{HTTP_REFERER} !^$ line allows the request to go through if the HTTP_REFERER value consists of a blank string.

Credit goes to: How do I prevent image hotlinking? DreamHost.

How to avoid hotlinking using a plugin for WordPress?

Configurable Hotlink Protection: blocks links to videos, images, audio files from a third party server. You do have the option to whitelist certain sites.

Configurable Hotlink Protection

P.S.ifyou are a WordPress user, you can easily use the plugin and you don’t need many things to do. Using htaccess to forbid hotlink is also easy. Please remember to take a backup of your htaccess file. If something went wrong, you will be able to restore your site.

Leave a Comment

Your email address will not be published. Required fields are marked *