Desi blogger is a blog created to solve all your problems basically related to things that were less or never explained on the internet. I am Amit. I am an admin and author on this blog. I write posts to help people and make their day just because I love to get a sweet "thank you" from them. Visit desiblogger blog to learn something interesting and something new everyday.

Advertisement

LightBlog

Monday, 20 January 2020

Prevent hotlinking using htaccess

Hotlink protection using htaccess


One of the most beneficial use of htaccess is to prevent hotlinking of images , videos and other documents on your website.
You can use htaccess to prevent hotlinking of your media and other documents.



What is hotlinking?


It means to display an image on a website by linking to the website hosting the image.
For example : An image "cat.jpg" hosted on server1 can be displayed on "server2" using src link to server1 .
This uses the Server1 resources to load and display the image.


Why you should prevent hotlinking ?



Hotlinking consumes your server resource like bandwidth which can slow down your server performance.

If your hosting server provides limited bandwidth then "hotlink blocking" is useful for you as you do not want your server to be down by external http requests.



RewriteRule to prevent hotlinking


Many people who don't want their site to be hotlinked use htaccess.
It's easy to stop hotlinking using an htaccess file.

The following is a basic Rule to prevent image hotlinking on your website :


RewriteEngine on

RewriteCond %{HTTP_REFERER} !^http://yoursite\.com [NC]
RewriteRule \.(jpg|png|gif)$ - [F]


This checks the "HTTP_REFRRER" domain string , if its not http://yoursite.com then any calls to jpg , png and gif files on your site will get a F 403 forbidden error.

Linking an image file on another server using your domain "http://yoursite.com" will show a forbidden error.
For example, <img src="https://yoursite.com/image.jpg"> won't load the image file on another server.


If yoursite.com is accessible by both https or www , then to prevent hotlinking you need to use a regex based pattern in RewriteRule to match both versions :


RewriteEngine on

RewriteCond %{HTTP_REFERER} !^http(s)://(www\.)?yoursite\.com [NC]
RewriteRule \.(jpg|png|gif)$ - [F]



This will prevent hotlinking of image files on "https://www.yoursite.com" , "https://yoursite.com" and "http://yoursite.com" (with or without www) .


Keep in mind that, hotlink protection doesn't mean your images won't be indexed by search engines. Google will still index your images as it doesn't use http referer header to find and index files.

Your images will still appear on search results but can't be used on another website by linking to your server.




Stop hotlinking of video files.



You can use the following rule to stop hotlinking of video files on your server.

I have just added one extension in the rule . If you have more video extensions to stop hotlinking you can add them in the pattern using regex like this \.(mp4|ext2|ext3)$ .


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?yoursite\.com [NC]
RewriteRule \.mp4$ - [F]

This will set a hotlink protection for mp4 files on your server.



htaccess Allow/Deny hotlinking



By using the above rules you deny hotlinking to all external sites. If you want to allow access to a specific external site that can use your media files then use :


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?(example1.com|example2.com) [NC]
RewriteRule \.(jpg|png|gif)$ - [F]


This will block image hotlinking for all sites except "example1.com" and "example2.com" . If the "example1.com" is hosting the image files then you can also hotlink those images on "example2.com" .



Display a static image for hotlinked requests




You can show a static image for hotlinking calls on your server using htaccess.
Instead of 403 error you can rewrite all hotlinking calls to an image file this will make it so that when someone tires to link your image on their website they will get the image instead of the one they intended to show.

This does use your bandwidth but this way you can reduce the number of hotlinking calls on your server.


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?yoursite\.com [NC]
RewriteRule \.(jpg|gif|png)$ /hotlink.png [L]




Hope this article was helpful.
Thanks for reading!

No comments:

Post a comment

Adbox