Using Hotlink Protection

Tweet about this on TwitterShare on FacebookShare on Google+Share on LinkedIn

Hotlink ProtectionI have read more topics and posts about hotlink protection over the years than I can remember anymore. Some people say it’s a good idea, but I am not completely sold on enabling or using it. I have looked into it on a number of occasions, but never committed to using it.

If you use cPanel hosting there is a feature in your hosting account usually found in the Security area titled “HotLink Protection“. If you go there you can enable it and set your preferences. What it basically does is just write rules to your .htaccess file based on what you enter on this page or area.

You can do the same thing by manually entering hotlink protection rules or code in your .htaccess file. I prefer the manual way because I know exactly what and where the code will be entered.

I have seen more variations of hotlink protection code than I can count. All of the ones I have looked at are similar, but not exactly the same. I actually tested several code variations recently and each of them behaved differently. Most of the differences I noticed were related to different browsers, which really don’t make a lot of sense. One hotlink protection code would work in one browser, but not in another. I tried several different varieties of code and none of them worked properly in all of the three browsers (Internet Explorer, Google Chrome, and Mozilla Firefox) I tested. Again, I have no idea why that would be and it doesn’t make a whole lot of sense, but that is what happened.

Hotlink protection is used so someone can’t use your images, pages, or files on another site. If a site adds an image that is being served directly from your website it would be denied. Usually it’s referred to as leeching or bandwidth theft, and it’s fairly common. Here is an older, but excellent post worth reading: Creating the Ultimate htaccess Anti-Hotlinking Strategy.

I know there are websites that use screen shots from my dolphin tutorials. Sometimes they even use them claiming they wrote a tutorial and insert my images so it appears on their website. Not only are they using my bandwidth, but it’s disappointing to see my work copied and used elsewhere.

Enabling hotlink protection that actually worked properly would eliminate most of this, but at the same time I am thinking it will also block things like Google Images from indexing images. Same with readers like Google Reader.

I can create additional rules to allow these kinds of things, but trying to keep up with all of the different sites and services could be overwhelming.

So as much as I wouldn’t mind blocking or preventing some of these things from happening with hotlink protection I don’t know that it is such a good idea.

I was thinking even if a site were using some of my images maybe I would get a backlink out of the deal. In most cases they just linked to the image directly, which doesn’t help much. Others just use the image without linking to it, so no benefit there either. I did find one site that actually linked to my site. It was a nofollow link, but better than nothing.

I guess it’s just one of those things you accept and live with. There is no way to prevent everything. You can’t prevent every bot out there, and you are not going to stop everyone from stealing bandwidth, images, files, etc. At least not without spending more time than it would be worth. I just wish they would upload, store, and use images from their own web hosting account instead of mine.

About: Jeremy LeSarge - AKA: Ray (209 Posts)

I am the site owner and administrator of I provide help and tips for Boonex Dolphin on the main part of this website where you will also find an assortment of other resources. Here, on the blog I write about a variety of topics surrounding WordPress, technology, social media/networking, SEO, and webmaster resources.


  1. Reply

    That’s interesting; generally, if it’s a photo I’ve taken or a graphic I’ve created, I don’t want anyone storing it on their own site or drive without permission, but the nature of the web allows links, and I don’t have a problem with linking back to the source. (If I hate what they’ve done, I can always change the name of the file or replace it with something they don’t really want shown – in other words, the work stays within the creator’s control.) I get what you’re saying, but how do you balance the nature of the Internet, copyright law, and bandwidth restrictions?

    • Reply

      I know hotlink protection has been around for quite a while now. It probably came in handy when hosting companies didn’t allow as much bandwidth usage as they do now. I am not bothered by a few here and there just as long as something doesn’t hammer my hosting account with too many requests in a short time period. The topic of internet copyright law seems to be a hot, touchy subject lately. Honestly, I haven’t followed it as much as I probably should. What I did read about was very long and a bit confusing.

  2. Roger Jignesh Parekh


    I haven’t paid too much attention to my cPanel, but after reading your article I’ll definitely check if it has “HotLink Protection.“ Thanks!

  3. Reply

    Hi, I was not aware on HotLink protection, the topic is new for me.
    While making sense for articles & written content, I however doubt that one may successfully protect images with it – anyway PrintScreen is a rather known option which may always be used to copy a photo, so that the only protection you have is your copyright you would place on your photo.

  4. Don


    All they have to do is grab the images from their cache and their good to go. Hotlink protection is only to block computer illiterates from stealing your content. Same with right click protection.

  5. Reply

    I think placing a link on your site linking to the image from the other site is just Robin Hood-ish. Not only are you stealing an image, but you’re stealing bandwidth as well. Do you want me to write the post for you too? That’s the problem with SOPA, they’re focusing on the wrong thing. But lets be honest, who can ever cipher through the trillions upon trillions of code to where the perpetrators come from. Honestly can’t.
    bbrian017 recently posted..Get ready @blogengage is giving away $500 USD in FebruaryMy Profile

    • Reply

      It is kind of interesting sometimes checking to see where things are coming from and going to. Usually I just happen to notice while looking for something else. It would be difficult to stop or prevent everything that I didn’t want. I guess what it might come down to is does one want traffic or no traffic.

    • Reply

      It is annoying and becomes difficult or nearly impossible to prevent everything. Certainly something to be aware of and keep an eye on if you can.

  6. Reply

    Hotlinks does’nt sound so bad at all.I don’t think it could hurt to finally commit to this one.And it might actually speed up your work versus to putting those codes manually.

  7. Reply

    “Wilson Floss” Hotlinks does’nt sound so bad at all…. what ?

    How do you feel today about what google hotlink full-size images without any embarrassment, and if hotlinking is theft, Google can be the biggest thief in the world!

    For those using wordpress, try WP-PICShield … can be helpful.

    • Reply

      Some people don’t mind things like Google images / search. I guess they figure they might get a little traffic from it. Others are absolutely against it.

Leave Comment

Your email address will not be published. Required fields are marked *

CommentLuv badge