htaccess hotlinkingIf you have been the target of content theft and the offender is stealing lots of your bandwidth by hotlinking your images, you can put this to a stop by editing your .htaccess file. Hotlinking of images can cause serious web hosting issues especially when you are running a huge photo gallery. It can have a big strain on your server, as well as, impacting your bandwidth allowance that your hosting company have given you. As such you need to put hotlinking activities to a halt the moment you discover them.

For the benefit of those totally new to the file .htaccess, it is basically a top directory level configuration file that contains settings pertaining to site-access, security, protecting your directories, managing 404 pages, etc. This is a very important file that needs to be handled carefully.

Using the .htaccess file, we can control on any of the following:

  • what are the websites that are allowed to show our images
  • what are the websites that are to be prevented from showing our images
  • option to allow or deny blank referrers
  • displaying custom pictures when hotlinking is detected

Ready to start, yes? Here are the steps to prevent hotlinking with .htaccess

  • First make sure you do a backup of your .htaccess file. Use your preferred FTP and connect to your server. For me, I am using FTP Filezilla. Search on your root folder for the “.htaccess“, with the period ‘.’ in front.
  • For WordPress blog owners, look for the file in /public_html/
  • Download the file, and use notepad to open it up
  • Do not panic if don’t have the .htaccess file, you can just create the file using notepad, and save it without adding any file extensions. Not even .txt
  • After you have made a backup copy of your .htaccess file, we can now proceed to include a several lines of codes to stop those shameless people from stealing your bandwidth.

edit htaccess file to prevent hotlinking , hotlink


Codes to include

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)? [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ [NC,R,L]

These 4 lines may look alien or complicated to you, so let me just explain a little

Line 1: must include as this turns the runtime rewriting engine ON

RewriteEngine on

Line 2: optional, but recommended. This line means you allow visitors with blank referrer information to view your images. Blank referrers commonly happens when the visitor uses a firewall or anti-virus software when surfing the Web. If you are sure this is not needed, you can remove this line.

RewriteCond %{HTTP_REFERER} !^$

Line 3: the purpose of this line is to include the domain/website that is allowed to show or link-to your images. So if you two or more blogs sharing the same image source, you can duplicate this line, and change the domain name accordingly.

RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)? [NC]

For me, I am only allowing images to be loaded on, therefore mine look like this:

RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)? [NC]

Line 4: this line is to be interpreted in two parts. The first part, (jpg|jpeg|png|gif), refers to the types of images that you want to prevent hotlinking. You can add more image type by separating them with “|”. The second part refers to a customized image that can be loaded when someone hotlinks your image. Generally the customized image is used to inform any potential visitor, on the offending page, that the images belonged to you (original source).

RewriteRule \.(jpg|jpeg|png|gif)$ [NC,R,L]

If you are using the customized link, becareful and make sure that the image is not hotlink protected, otherwise it is going to be an endless loop.

The Last Step

After you have finish editing the .htaccess file, your final step will be to upload the file to the directory for the new configuration to take effect. To see whether is it working, visit the offending page,



Lincoln is a fan of Apple products, loves red wine and traveling. He blogs on internet marketing, social media, wordpress tips & guides, and using technology to maximize efficiency. Follow him on Twitter or Facebook for regular updates.
Tagged with →  

Leave a Reply

Your email address will not be published. Required fields are marked *