1. Home
  2. Hosting Management
  3. Website Security
  4. How to Enable HotLink Protection in cPanel and .htaccess
Searching...

How to Enable HotLink Protection in cPanel and .htaccess

Table of Contents

A hotlink occurs when someone is directly linking content from your site to another site and uses your bandwidth to serve the files. For example, when someone is displaying an image hosted on your server on their own web pages. You can use this Hotlink protection security feature in cPanel in order to prevent this from happening.

This tutorial assumes that you are already logged into cPanel.

To enable hotlink protection in cPanel, follow the steps below:

Once logged into cPanel, head up to Security > Hotlink Protection.

Hotlink protection in cPanel.png
cPanel > Security > Hotlink Protection
  1. Click Enable. A new page will open that displays the Allowed referrers and Protected extension lists.
  2. Click Go back.
  3. To allow specific sites to hotlink to your website, add their URLs in the URLs to allow access menu.
  4. To block direct access to files of specific types, add those file extensions to the Block direct access for the following extensions text box.
    • For example, to block all .jpg images, add .jpg to the Block direct access for the following extensions text box.
    • When you block these file types, others cannot hotlink those types of files from your website regardless of any other settings.
  5. To allow visitors access to specific content through the URL, select the Allow direct requests checkbox.
    • For example, if you enable this option, a visitor could enter http://www.example.com/folder/example.jpg as a URL to access the example.jpg file.
  6. To redirect requests for certain content, enter the URL to which you want to redirect your visitor in the Redirect the request to the following URL text box.
  7. Click Submit.

To disable hotlink protection, click Disable.

When you click Disable, the system deletes the entries in the List the URLs to which you wish to allow access list. We strongly recommend that you save the list locally before you disable hotlink protection.

If you are not using cPanel on your server, you can still enable hotlink protection easily through the .htaccess file. You’ll just have to use the following code snippet.:

RewriteEngine on
# Remove the following line if you want to block blank referrer too
RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^https?://(.+\.)?example.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|bmp)$ - [NC,F,L]

If you want to display a “blocked” image in place of the “hotlinked” image, replace the last rule with:

RewriteRule \.(jpg|jpeg|png|gif|bmp) https://example.com/blocked.png [R,L]

Now you know how how to enable or disable hotlink protection in cPanel or by .htaccess

Updated on April 13, 2022
Was this article helpful?
Yes No

Related Articles

Spring into Savings!
Up to 78% Off Hosting Plans + Free Migration!
👉 View Deals

Leave a Comment