Menu Close

How to Hot Link Protect Your Files by .htaccess File

The hot link Protection technique allows you to prevent other websites from directly linking to files on your website. This is most commonly used to prevent other web sites from displaying your images but it can be used to prevent people using your JavaScript or CSS (cascading style sheet) files. The problem with hot linking is that it uses your bandwidth, which in turn costs money, hot linking is often referred to as ‘bandwidth theft’. If you are using hot link protection technique, other websites that hot link to your files will display an error or show nothing.

This means that when another website is visited, it cannot load pictures from your pages – this is one of the ways for limiting the outbound traffic for your account.

An example of hot linking. Say I like the image or your css file on your website, and I want that image or the css file in my site. If I use the full URL of your image or css file on my site, then the image or the css file is downloading from your site every time someone looks at my site. This means I am using your bandwidth for the image. When you enable Hot Link Protection, then I cannot steal your bandwidth anymore.

To set-up hot link prevention for ‘.gif’, ‘.jpg’ and ‘.css’ files, create a .htaccess file following the main instructions and guidance which includes the following text:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$ [NC]
RewriteRule \.(gif|jpg|css)$ - [F]

RewriteEngine on – make sure mod_rewrite is turned on in your website; For how to check whether your mod_rewrite is on, please check Term MOD_Rewrite


The flag “[NC]” is added to the end of the domain to make it case insensitive, so whether the domain is “”, “YOURdomainNAME.COM” etc, whatever it shows, it can get the image or css file;

RewriteRule \.(gif|jpg|css)$  – [F] the last line in the .htaccess file specifies that the action to take when a match is found is to fail the request, meaning the referrer traffic will hit a 403 Forbidden error.

If, However, if you want your own image show to the visitors of other website that steal your traffic. You can upload your angry picture

Angry Hot Link Cat

The Last link can be :

RewriteRule \.(gif|jpg)$ [R,L]

The Whole htaccess file can be:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$ [NC]
RewriteRule \.(gif|jpg)$ [R,L]

Cpanel and Plesk have Hot Link Protection tools

In your cpanel control panel, you have a lot link protection link, click it. You will go to following page:

Hot Link Protection Tool

  1. Make sure the domain name you wish to protect is in the box called “URLs to allow access”.
  2. In the box called “Block direct access for these extensions”, provide the extensions for which you would like to block.
  3. We suggest you check the box for “Allow direct requests”.
  4. Skip the “Redirect request to this URL” box and hit Submit.

You have now protected your images from being hot-linked. Just be sure that all of your additional domains are in the Hot Link list.

WordPress Hot Link Protection Plugin

You can search wordpress website and find the plugin. Just in your wordpress admin dash. click add new plugin and search “hot link protection”. You will find a lot of hot link plugins.