Htaccess Tools
Professional Image Hotlinking Protection Generator
Stop other websites from stealing your bandwidth and assets. Our advanced hotlinking generator creates secure Apache rewrite rules that ensure your images, videos, and downloads are only displayed on your own domain, saving you money and protecting your content's integrity.
Inputs
- Authorized Domain: Enter your primary domain name (e.g., example.com) to allow it to display your images.
- Action Button: Use the 'Reset Configuration' button to clear fields and start over.
Outputs
- Custom .htaccess Rewrite Rules: A set of directives that block unauthorized referrers from loading your media files.
- Code Snippet Window: A highlighted view of the exact code needed for your server setup.
Interaction: Type your domain into the input field. The tool will instantly generate the specific mod_rewrite code needed for your server. Copy the result and paste it into your .htaccess file to activate the protection immediately.
How It Works
A transparent look at the logic behind the analysis.
Input Your Primary Website Domain
Enter your site's domain name into the generator without the 'http' or 'www' prefix. This tells the tool which domain should be granted exclusive permission to access and display your hosted media files.
Identify Protected File Extensions
The tool automatically includes the most common web image formats, such as JPG, JPEG, PNG, GIF, and WebP, in the generated rewrite rule to ensure comprehensive protection across all your visual assets.
Generate The Mod_Rewrite Snippet
As you type, our algorithm constructs a series of 'RewriteCond' and 'RewriteRule' directives that check the HTTP Referer header of every incoming request for your images against your authorized domain list.
Copy The Secure Code Block
Use the integrated clipboard button to securely copy the generated configuration. This ensures that the complex regular expressions and syntax remain perfectly intact during the transfer to your server's configuration file.
Deploy To Your Root .htaccess
Paste the code into the .htaccess file located in your website's public_html or root directory. Ensure that 'RewriteEngine On' is present at the top of the file to enable the Apache rewrite engine.
Validate The Referrer Blocking
Test your protection by trying to view an image from your site on a third-party domain or using a hotlink testing tool; you should see a broken image or a 403 Forbidden error.
Why This Matters
Protect your bandwidth and images by generating .htaccess code that blocks other websites from directly linking to and displaying your hosted media assets.
Significant Bandwidth Cost Savings
Hotlinking occurs when other sites use your server's resources to display images to their visitors. By blocking this, you ensure you aren't paying for traffic that doesn't benefit your own website or brand.
Faster Loading Speeds For Users
When third-party sites hotlink your images, they consume your server's processing power and connection slots. Preventing this frees up resources to serve your own legitimate visitors much faster and more reliably.
Protects Your Intellectual Property
Discourage content scrapers and low-quality sites from stealing your original photography or custom graphics. By breaking their hotlinks, you make it much harder for them to display your work as their own.
Prevents Unintentional Server Overload
A single popular site hotlinking one of your images can cause a massive spike in requests that might crash your server. Hotlink protection acts as a vital shield against these unexpected and unpaid traffic surges.
Maintains Content Control
Ensure that your media assets are only seen in the context you intended. Prevent your images from appearing on adult, gambling, or low-quality sites that could potentially damage your brand's reputation and SEO standing.
Key Features
Advanced Mod_Rewrite Logic
Utilizes the powerful Apache mod_rewrite engine to perform real-time referrer checking, providing a robust and enterprise-level defense against unauthorized asset requests and bandwidth theft.
Multi-Format Support
Pre-configured to protect a wide array of file types including JPG, JPEG, PNG, GIF, and the modern WebP format, ensuring all your visual content is shielded from hotlinkers automatically.
403 Forbidden Response
Configures the server to return a standard '403 Forbidden' status code to unauthorized requests, which is the most efficient way to block hotlinkers without consuming additional server bandwidth.
Real-Time Code Updates
The generated code updates instantly as you type your domain name, allowing for a seamless and error-free configuration process that adapts to your specific website requirements and setup.
Empty Referrer Support
Includes a critical condition that allows requests with empty referrers, ensuring that users can still view your images directly in their browsers or through email clients without any issues.
SEO Friendly Protection
Carefully crafted rules that protect your assets without interfering with search engine crawlers like Googlebot, ensuring your images can still be indexed and ranked in search results properly.
No Server Lag
The generated directives are highly optimized for Apache, meaning the referrer check happens almost instantly at the server level with virtually zero impact on your website's overall page load times.
Wildcard Domain Support
Automatically handles both the 'www' and non-www versions of your domain, ensuring that your protection remains active regardless of how your legitimate visitors choose to access your site.
Sample Output
Input Example
Interpretation
In this example, the user entered 'myblog.com'. The generator created a set of Apache rules that first ensure the RewriteEngine is active. It then checks if the 'HTTP_REFERER' is not empty and does not match 'myblog.com' (case-insensitive). If these conditions are met and the request is for an image file (.jpg, .png, etc.), the server is instructed to return a 403 Forbidden error ('F'). The 'L' flag ensures this is the last rule processed for matching requests, preventing further server overhead.
Result Output
# Prevent Image Hotlinking
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?myblog.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|webp)$ - [NC,F,L]Common Use Cases
Protecting Portfolio Assets
Ensure that your high-resolution portfolio images aren't being displayed on other sites without your permission, preserving your work's exclusivity and saving on high-traffic hosting costs.
Defending Original Graphics
Prevent other blogs from 'stealing' your custom infographics and charts by hotlinking them in their own articles, forcing them to download and host the files themselves if they want to use your data.
Reducing Image Server Costs
Protect your product catalog images from being hotlinked by price comparison sites or scrapers, ensuring your server resources are dedicated solely to converting your own shoppers into customers.
Client Site Hardening
Include hotlink protection as a standard feature for all client websites to provide an extra layer of professional security and performance optimization that sets your services apart from competitors.
Saving Shared Hosting Bandwidth
Critical for those on limited shared hosting plans where a single hotlinked image from a popular forum could quickly exceed your monthly bandwidth quota and lead to site suspension.
Protecting Icon Libraries
Prevent other developers from hotlinking your custom SVG or PNG icon sets directly from your CDN or server, ensuring you maintain full control over your design assets' distribution.
Troubleshooting Guide
Images Not Showing on Your Own Site
Ensure you entered your domain name exactly as it appears in the browser. If you use a CDN like Cloudflare, you might need to whitelist their IP ranges or enable hotlink protection through their dashboard instead.
All Images Broken After Update
Check for syntax errors in your .htaccess file. Even a single missing character can cause a 500 Internal Server Error. Always place hotlink rules below 'RewriteEngine On' but above any complex routing rules.
Google Images Not Indexing
While our code is designed to be SEO-friendly, some strict configurations might block search bots. If your image traffic drops, consider adding a specific exception for 'googlebot' and other major search engine crawlers.
Protection Not Working on Nginx
This generator is specifically for Apache servers. Nginx handles hotlinking differently using the 'valid_referers' directive within a location block in your site's .conf file, rather than using .htaccess files.
Pro Tips
- If you want to allow a specific partner site to hotlink your images, you can add an additional 'RewriteCond' line with their domain name before the final 'RewriteRule'.
- Instead of a 403 error, you can redirect hotlinkers to a 'shame' image by replacing the '- [NC,F,L]' part with 'http://yourdomain.com/stop-stealing.jpg [R,L]'.
- Regularly monitor your server access logs for 403 errors on image files to see which websites are attempting to hotlink your content and identify potential scrapers.
- Always test your new rules in an incognito window or after clearing your browser cache, as your browser might still show cached images even if the protection is active.
- For the most comprehensive protection, include other file formats like PDF, ZIP, and MP4 in your rewrite rule to prevent theft of your downloadable guides and video content.
- Consider using a professional CDN like Cloudflare alongside these rules, as they can handle hotlink protection at the edge, reducing the load on your origin server even further.
- If you find a site is still hotlinking despite your rules, they might be using a proxy. In such cases, you may need to block their specific server IP address entirely.
- Remember that hotlink protection relies on the 'Referer' header, which can be spoofed by advanced scrapers, though it effectively stops 99% of common bandwidth theft.
Frequently Asked Questions
What exactly is hotlinking and why is it considered bad?
Hotlinking is when a website links directly to an asset on your server (like an image) instead of hosting it themselves. It is bad because it steals your server's bandwidth and resources, potentially costing you money and slowing down your site for your own legitimate visitors.
Will hotlink protection affect my site's Google Image rankings?
If configured correctly using our tool, it should not negatively impact your SEO. Googlebot typically crawls without a referrer or with a specific identifiable one. Our code allows empty referrers by default to ensure maximum compatibility with search engines and various user browsers.
Can I use this tool on a WordPress website?
Yes, you can use this on any WordPress site hosted on an Apache or LiteSpeed server. Simply paste the generated code into your .htaccess file, which is usually located in the root folder of your WordPress installation alongside the 'wp-config.php' file.
Does this protection work for videos and PDF files too?
Yes, our tool can be easily adapted for videos and PDFs. You can simply add the extensions (like |mp4|pdf|zip) to the 'RewriteRule' section of the code. This ensures that all your valuable downloadable assets are protected from unauthorized third-party linking and distribution.
Why do you allow requests with an empty referrer?
Allowing an empty referrer is crucial because many privacy tools, firewalls, and even some browsers strip the referrer information for security. If you block empty referrers, legitimate users who type your URL directly or view your site through certain secure apps might not see your images.
What happens to the hotlinking site when I activate this?
When you activate hotlink protection, the hotlinking site will show a broken image icon to its visitors. Their browser will attempt to request the image from your server, but your server will reject the request with a 403 Forbidden error, preventing the image data from being sent.
Do I need to install any special modules on my server for this?
You only need the 'mod_rewrite' module enabled on your Apache server, which is standard on almost all modern web hosting plans. If the code causes a 500 error, it's possible that your host has disabled this module or restricted .htaccess overrides on your account.
Can I redirect hotlinkers to a different image instead of blocking them?
Yes, you can modify the last line of the generated code to point to a specific 'hotlinking is bad' image. However, be aware that serving a redirect image still consumes some of your bandwidth, whereas a 403 Forbidden error is the most resource-efficient way to stop hotlinkers.