Updated on Feb 9, 2018
Hotlinking is a direct linking to another website's resource (mainly images) which uses the bandwidth of that website instead of the bandwidth of the website which links it. It is also known as bandwidth theft and is frown upon in the internet communities.
Hotlinking can be something as simple as using as an avatar or a signature, an image someone saw on another website, without actually downloading it and then uploading it to the forum/platform that they want to use. As the avatar and signature are viewable on all of that person's posts, even a small image has the potential to generate a lot of bandwidth depending on the number of people loading pages where those posts are present.
Hotlinking can also trigger unwanted aggression from the webmaster which bandwidth is being used as he can switch the image at any time. This can turn the favorite movie character of a person to pornography materials or another prohibited element that might get the offender into trouble after this "switcheroo". Furthermore, displaying images which are not owned by the one displaying them may be a violation of copyright, making him susceptible to legal actions.
In this tutorial, we will show you how to protect your content from Hotlinking so you don't have to worry about bandwidth being stolen from you.
Firstly, login to your cPanel account, go to Security → Hotlink Protection module or search for Hotlink in the search bar.
Now click on the Enable button to start the protection service.
By default, all of your other addon domains and subdomains will be included in the list of URLs that have access to your content. If you need to provide access to any additional websites or remove access just edit this list. *Make sure you have a backup of this list if you have edited it but want to temporarily disable hotlink protection. This is due to the list being reverted back to default once you re-enable the Hotlink Protection.
To change the list of file types which you wish to block, edit the list by separating the different extensions with a comma.
You can also direct the requests for such files to another URL - let's say a warning page informing the user of what Hotlinking is and why its forbidden on your website.
Once you are done, click on the Submit button to apply all the changes.
You can also manually apply hotlink protection by editing your website's .htaccess file. As this is a more advanced way of setting up hotlink protection, we will not go into the details of how to find your .htaccess file. Just copy this code snippet at the top of your .htaccess:
RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC] RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
You are now protected from Hotlinking - the most common form of bandwidth theft.