What is hotlinking ?
In plain English it is one of those annoying things that you put up with when you own a website – especially one with beautiful media files. This is when an outside web source is actively linking and accessing a resource hosted by you, which was not created to be accessed in isolation. The linked resources could be images , audio, video , pdfs and so on.
So what exactly is the problem ?
More often than not it is not an issue to worry about – an image hotlinked here or there is not going to cause you much heartburn and if you keep track of your analytics and server stats you have pretty good idea about who links to which resource of yours.
From an SEO standpoint it can be considered as a desirable activity as part of link building . It might boost your ranking with search engines. On the flip side, if the hotlink is being accessed many times without generating any other traffic for you (page views) it just drains your bandwidth. It is even more of an issue when scrappers try to pass of your beautiful content as their own!
How does it work ?
Well this is not a tutorial for hotlinking but understanding how it works can help you in preventing it. To hotlink a resource all you need to know is the url to it. For example in many web browsers you can right click on an image and copy the link to it . Paste the link on the new browser window and voila you have accessed it without going through the page hosting it.
Another way is to look at the page source, more often than not the source will tel you all you need to know about the resources accessed by and displayed on the page.
Right Click is it ?
Yes – that is one way of preventing hotlinking to the pages . Use a plugin to disable right clicking and view source is one way to do it. This is going to discourage only the laziest of scrappers . But yes , you have to add a plugin or script to the site and this could potentially affect the site load speed.
Using cPanel
Chances are your webhost is using cPanel. It might look different from host to host , but the underlying scheme will be the same. The good thing about cPanel is that it is user friendly and intuitive. The fear of “Am I going to break the server ” is much less when using this interface than when you make changes directly to the files.
So login to your cPanel and look for something like this – Hotlink protection will be grouped under Security , so look for it there ..
Click on the hotlink protection. The default for this setting is disabled. Click on enabled and add a list of all the sites that you want to allow to hotlink to the list. There may be a default list populated with all the sites that are owned/managed by you.
The next step is to define what resources to block the direct access to – again by default the image files extensions may be populated here. If not add the extensions of resource here – as in the picture .
Finally check the box for allowing direct access. This allows users to type the url directly on a browser address bar and access it and helps certain types of users who are behind firewalls that strip the referring url information.
Here is an example of what happens when hotlinking is disabled.
This should be a warning for you to avoid hotlinking as well. Remember it is a resource you have no control over !
Redirect ?
Well here is the fun part – you could redirect these request to a specific url – say “OOOPPPPS I I thought it was here to steal ” or something similar or you could direct it to your homepage . But remember it is still your bandwidth that is being utilized.
As for me I would leave it be.
Do you want the geeky version ?
Well here is what you do.
Go to your .htaccess file . Don’t know what and where it is ? Just do the cPanel version.
Add this code to your .htaccess
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www.)?MyDomain.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .(jpeg|jpg|gif|png)$ – [F]
Replace MyDomain with your domain name and this code will return a Forbidden error for all request other than thos e come from your own domain.
Now if you want to prevent only a certain site from linking to your site here is what you do
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(www.)?Idontwantyoutolink.net/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www.)? Idontwantyoutolink.com/ [NC]
RewriteRule .(jpeg|jpg|gif|png)$ – [F]
This will prevent Idontwantyoutolink.net and Idontwantyoutolink.com from hotlinking to your site’s images.
You have to add an entry for each site that you need to prevent from linking.
What to watch out for
Using these access control rules are also a drain on the server resources. Every time a resource is requested the server has to run through the checklist and verify, which could in turn slow things down as the traffic volume increases. So you have to strike a balance. Sometimes something as simple as renaming a resource does the trick. Here again use caution, it might break a legitimate link that you would rather leave intact.
There are many valid instances where hotlinking is your ally – rss feeds, image searches all use these and if these are a major source of traffic for you , you have to make sure that their access to your site’s content is not compromised.
In conclusion
Preventing hotlinking in this manner should not be your first line of defense. Make sure that there is a clear copyright and content policy defined that you can link to and send to the errant owners. Most cases that will the last you hear of it . The content is copyrighted even without a clear notice , but more often that not people are unaware of it.
References
Wordpress htaccess – http://httpd.apache.org/docs/trunk/howto/htaccess.html
Apache htaccess – http://httpd.apache.org/docs/trunk/howto/htaccess.html
Apache rewrite rules – http://httpd.apache.org/docs/trunk/mod/mod_rewrite.html#rewriterule