
How to protect bandwidth by preventing image hotlinking


Introduction

This guide is for website administrators who want to protect their server bandwidth by preventing unauthorized use of images through hotlinking. Hotlinking occurs when other websites link directly to your images, causing excessive bandwidth usage on your server. This guide explains how to block hotlinking by configuring your server’s settings, particularly focusing on Apache and Nginx. You should apply these solutions when you notice bandwidth spikes or want to proactively secure your resources from misuse. These methods will help safeguard your website’s performance and ensure optimal use of your server’s bandwidth.

 

Prerequisites

  • Access to your website’s .htaccess file or the equivalent configuration file.
  • Basic understanding of server configurations, particularly for Apache or Nginx.
  • An FTP client or direct access to your website files.

 

Step-by-Step Guide

1. Edit the .htaccess file (For Apache servers)

  • Open the .htaccess file located in your website’s root directory.
  • Add the following code to the file:
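RewriteEngine on
# Allow requests that carry no Referer header (direct visits, privacy tools)
RewriteCond %{HTTP_REFERER} !^$
# Allow your own pages, with or without www (dots escaped so they match literally)
RewriteCond %{HTTP_REFERER} !^https://yourdomain\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https://www\.yourdomain\.com/.*$ [NC]
# Any other Referer asking for an image gets 403 Forbidden
RewriteRule \.(jpg|jpeg|png|gif)$ - [F,NC,L]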

 

  • Save and upload the updated .htaccess file to your server.

Explanation:

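  • The first RewriteCond lets through requests that send no Referer header at all; the other two allow requests whose Referer is a page on your own domain (with or without www). If your site is also served over http://, add matching conditions for that scheme.
  • The RewriteRule returns 403 Forbidden for image requests (jpg, jpeg, png, gif) whose Referer matches none of those conditions, that is, requests from other websites.
  • The Referer header is supplied by the client, so these rules cut bandwidth lost to ordinary embedding on other sites; they are not access control for the images.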

 

2. Customize the blocking message

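If you want to show a replacement image or redirect users to another page instead of just blocking them, keep the Referer conditions from step 1 and replace the RewriteRule as follows:

RewriteCond %{REQUEST_URI} !/blocked\.png$ [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ https://yourdomain.com/blocked.png [R,NC,L]

Here, visitors from external websites will see the image you specified (blocked.png) when they attempt to hotlink. The added RewriteCond, placed after the Referer conditions, exempts blocked.png itself; without it the redirected request would match the rule again and loop.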

 

3. For Nginx users

For websites hosted on Nginx, add the following code to your nginx.conf file under the relevant server block:

location ~* \.(jpg|jpeg|png|gif)$ {
    valid_referers none blocked yourdomain.com *.yourdomain.com;
    if ($invalid_referer) {
        return 403;
    }
}

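This returns a 403 Forbidden response for image requests whose Referer is not on the list. In valid_referers, none admits requests that send no Referer header, and blocked admits requests whose Referer value was stripped by a proxy or firewall (it no longer begins with http:// or https://).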

 

Conclusion

Preventing hotlinking is essential to protect your bandwidth and server resources. By implementing the above steps, you ensure that your images are not abused by other websites. Make sure to adjust the configuration based on your server type (Apache or Nginx) and customize the blocking method as needed.
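To see which external sites are pulling your images before you apply the rules, and to confirm afterwards that their requests now receive 403, you can total image traffic per referring host from the access log. The script below is an added example, not part of the original guide; it assumes the combined log format and the placeholder domain yourdomain.com, and the sample log lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

OWN_DOMAIN = "yourdomain.com"  # the guide's placeholder; replace with your domain

# Combined log format: "METHOD path HTTP/x" status bytes "referer" "user-agent"
LINE_RE = re.compile(r'"(?:GET|HEAD) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
                     r'(?P<bytes>\d+|-) "(?P<referer>[^"]*)"')
IMAGE_RE = re.compile(r"\.(jpg|jpeg|png|gif)$", re.IGNORECASE)  # same types as the rules

def referer_host(value):
    """Host part of a Referer value, or "" when absent ("-") or unparsable."""
    try:
        return (urlsplit(value).hostname or "").lower()
    except ValueError:
        return ""

def hotlink_report(lines):
    """Map each external referring host to image bytes served (2xx) and 403 count."""
    report = defaultdict(lambda: {"served": 0, "blocked": 0})
    for line in lines:
        m = LINE_RE.search(line)
        if not m or not IMAGE_RE.search(m["path"].split("?", 1)[0]):
            continue  # not a parsable image request
        host = referer_host(m["referer"])
        if not host or host == OWN_DOMAIN or host.endswith("." + OWN_DOMAIN):
            continue  # empty Referer and your own pages are allowed by the rules
        if m["status"].startswith("2") and m["bytes"] != "-":
            report[host]["served"] += int(m["bytes"])
        elif m["status"] == "403":
            report[host]["blocked"] += 1
    return dict(report)

# Constructed sample lines (documentation IP range, made-up hosts)
SAMPLE_LOG = [
    '203.0.113.5 - - [22/Mar/2020:10:00:01 +0800] "GET /img/a.jpg HTTP/1.1" 200 48211 "https://forum.example/thread/9" "Mozilla/5.0"',
    '203.0.113.6 - - [22/Mar/2020:10:00:02 +0800] "GET /img/a.jpg HTTP/1.1" 200 48211 "https://www.yourdomain.com/post" "Mozilla/5.0"',
    '203.0.113.7 - - [22/Mar/2020:10:00:03 +0800] "GET /img/b.PNG?v=2 HTTP/1.1" 200 1000 "https://forum.example/thread/9" "Mozilla/5.0"',
    '203.0.113.8 - - [22/Mar/2020:10:00:04 +0800] "GET /img/a.jpg HTTP/1.1" 200 48211 "-" "curl/7.68.0"',
    '203.0.113.9 - - [22/Mar/2020:10:05:00 +0800] "GET /img/a.jpg HTTP/1.1" 403 199 "https://forum.example/thread/9" "Mozilla/5.0"',
    '203.0.113.9 - - [22/Mar/2020:10:05:01 +0800] "GET /index.html HTTP/1.1" 200 5120 "https://blog.example/" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, stats in sorted(hotlink_report(SAMPLE_LOG).items()):
        print(f"{host}: {stats['served']} bytes served, {stats['blocked']} blocked")
```

A host whose "served" total keeps growing after the rules are in place is still getting images through, which usually means the request path or file type is not covered by the rule.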

For additional assistance or if you encounter any issues, please contact our support team at support@ipserverone.com.

 

Article posted on 22 March 2020 by Louis