...Setup Hotlink Protection

Any issues with adjusting your .htaccess file fall under our Best Effort support policy. Best Effort does not include content management, coding or designing for your websites. We may also direct you to a better resource for your issue, such as Plugin Developer, Designer, Software Author etc. Best Effort is not covered under the same SLA's as our supported services and does not guarantee any future support for any issue. Please understand that Best Effort issues may take longer to resolve.

When you create your website, you tend to also add images and other content to make things look better and add some character to your site. In doing so, you will upload an image and add it to your pages to be viewed. It is also possible, though not recommended, to use images that have been uploaded by others without needing to download and then upload that image to your site. This is called hotlinking.

Unfortunately, for people whose images have been hotlinked in this manner, they will likely notice an increase in their server resource usage as the new site using those images will be using your server's resources. Fortunately, you can prevent this by enabling hotlink protection on your site. This tutorial will walk you through the process of enabling hotlink protection on your site. This tutorial also assumes that you are familiar with accessing your site via SFTP

  1. First, you will need to sign into your site via SFTP
  2. You will now need to download the .htaccess file from your /web/content folder
  3. Once you've got the .htaccess file on your computer you will want to add the following lines to that file:
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://(www\.)mydomain.com/.*$ [NC]
    RewriteRule \. - [F]
  4. Make sure that you alter mydomain.com to match your domain. Also, please be sure that you do not modify any other code within the .htaccess file.
  5. Once you've added the above lines, you will then want to upload the .htaccess file back to your /web/content directory
  6. Once uploaded disconnect from SFTP and check your site to make sure that there are no errors.

If the above doesn't work, I recommend trying the option below. It's more specific on which files it prevents hotlinking with, but it doesn't require that your edit it to match your domain. You just need to copy and paste it into your .htaccess file. Though you may want to add additional file extensions as not all media extensions are there:


# Disable hotlinking of media files
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} \.(?:gif|jpe?g|pdf|png)$ [NC]
RewriteCond %{HTTP_HOST}@@%{HTTP_REFERER} !^([^@]*)@@https?://\1/ [NC,OR]
RewriteRule \.(?:gif|jpe?g|pdf|png)$ - [NC,F]


If you're curious as to why you don't need to edit it and apply your domain, it's because for the main directive, it uses Atomic Backreferences which is enabled by default on almost all Linux based web servers.




Have more questions? Submit a request
Powered by Zendesk