What Is Hostlink Protection Hosting?
Hotlinking is active linking to content on your site (video, photos, documents, etc.) by a site on another server. This effectively reduces their bandwidth usage while increasing yours. Therefore many sites choose to prevent hotlinking.
There are other reasons, too. Someone could use your content without proper attribution, which is another concern. After investing the time, money and energy to build your website, the last thing you want is for someone else to profit from your content or build their own successful site at your expense.
Sadly, this happens all over the Web, every single day — hotlinking is just part of the problem.
Why many site owners prevent hotlinking
Since hotlinking is basically the practice of using content directly served by your hardware, via a direct URL to your site, many site owners frown upon it and view it as nothing more than bandwidth theft.
Another site gets all the visitors and ad impressions, but you get stuck with all the traffic from visitors bypassing your site and directly accessing your content. Browsers don't distinguish between URLs by server, so if your content is visible to the public, the URL is fair game for someone else's exploitation unless you employ some form of hotlink protection.
There are also a number of scenarios in which hotlinking can be used by malicious actors. For example, bandwidth theft is the most basic and obvious use of hotlinking, but it gets worse. Hotlinking can also be used in some forms of cross-site scripting and phishing attacks, hotlinks to legitimate sites to gain the victim's confidence. Hotlinking can be used to display copyrighted materials off another site and there are also a few other possible security loopholes — but they usually affect the party doing the hotlinking rather than your site.
Both Linux- and Windows-based servers have applications designed to combat hotlinking.
In general, hotlinking protection involves either purchasing and installing a third-party product (e.g. Hotlink Blocker) designed to mask your URLs from unauthorized views, or activating an existing protection measure already provided by your host (cPanel, the extremely popular web management panel provided by many hosts, comes equipped with a hotlink blocking capabilities).
Whichever you choose, the software will prevent unauthorized access to your content by concealing the actual URL of the content from sites not on its “approved” list. You can also configure it to reroute hotlinks to display an error page, your homepage, or even a promotional offer to lure visitors away from the hotlinker and onto your site.
If your host already supports hotlink blocking as part of its standard web management portal or control panel (usually cPanel), it shouldn't add any additional expense to your monthly hosting fees.
Third party products range from free to around $100, depending on the features offered. Shop around for the best match for your needs and remember to consult your host before installing any third-party software onto your server.
Different platforms may require a different approach
It also depends on the platform you are using. Some servers use the HTTP referrer to detect hotlinking and display a condemnatory message in place of the expected content. If you have full access to the server, you can also configure it differently, to display a different message or simply not serve the content with no explanation.
On Apache servers you can use the mod_rewrite module to reject or redirect hotlinks to your content. On Microsoft Internet Information Services (IIS) platforms, you can rely on third party software to combat hotlinking.
However, most hosting companies offer the functionality even with basic hosting plans and provide a step by step guide for users who wish to enable it. This is usually done via cPanel — you simply need to follow instructions and tweak the settings to best suite your needs. For example, you can allow affiliate sites or ‘friendly' sites and discussion forums to use your images, as they will give you proper credit and link to your original content, boosting your impressions and search ranking.
It all depends on your hotlinking policy. For example, you can also block specific domains, block all domains, or block most domains by editing the .htaccess file — it is entirely up to you.
WordPress also has a number of plugins promising to watermark images and prevent hotlinking, but their capabilities tend to be limited. While it involves a bit more work, you are probably better off using the cPanel or .htaccess approach.
Here's What Your Hotlink Protection Hosting Needs To Offer
People often steal your content and bandwidth by placing media stored on your server into their pages. This is called hotlinking. There are many products on the market that prevent hotlinking. For example, cPanel comes with a simple tool that allows you to limit the sites that can use your media files. But you may need more advanced tools. We suggest SiteGround for hotlink protection.
Find The Best Hotlink Protection Hosting For You
Hotlink Protection Hosting Frequently Asked Questions
What is hotlink protection?
Hotlink protection is an option most web hosting companies provide to prevent other websites from directly linking to images or resources hosted on your website.
Why should I enable hotlink protection?
When another website directly links to images or resources on your site, it uses up your bandwidth. This can result in exceeding bandwidth limits imposed by your host and possibly extra charges. Illegitimate forms of hotlinking may even steal valuable traffic from your website or be used for malicious cross-site scripting and phishing attacks.
How can I enable hotlink protection in cPanel?
If your host provides hotlink protection, you will see a Hotlink Protection icon under the security section in cPanel. Simply click the icon and enable the option on the Hotlink Protection page. You will then have the option to specify a list of allowed URLs, select image files types you want to protect, and select a redirect URL for hotlinks.
What can I set the redirect URL to with hotlink protection?
Some possibilities for redirect URLs include links to an error page, your home page, or a promotional offer to attract visitors to your site instead of the hotlinker's site.
How do I know my hotlink protection is working?
There are a number of tools available, including free ones, that can test hotlink protection by creating a temporary link to an image on your site. If the temporary page is able to pull your image, your hotlink protection is not working.
Is there any risk involved in enabling hotlink protection?
Since hotlink protection provides additional security, it should not put your content or server at any risk. However, there is a chance that it could block legitimate access such as image search engines or sites that link to your site which could result in a drop in traffic. So be sure to allow access to any sites that may benefit you.
Can users download my images if I turn on hotlink protection?
Yes. Hotlink protection only stops other websites from linking directly to your images. It does not stop users from downloading images directly from your website.
How do different servers reject hotlinking?
Hotlink redirects depends on the server in question. For example, some servers use the HTTP referrer to detect hotlinking and display an error message. Other servers such as Apache use mod_rewrite to redirect traffic to a different URL. IIS relies on third party programs to perform the redirects.
Is it possible for me to enable hotlink protection without cPanel?
Yes, it is possible but it depends on the control panel your host uses. Some options to add hotlink protection include one-click installs, modification of an option in the .htaccess file, or manual installation of a third party program.
Am I able to perform hotlink protection through WordPress?
Yes, WordPress has some plugins promising to watermark images that have been hotlinked. However, this may be ineffective as an overall strategy to prevent hotlinking.
If I want to use an .htaccess file to block hotlinking, how do I create one in Windows?
To create an .htaccess file in Windows, open up a program like Notepad, use the "All types (*.*)" option when you save, and enter the .htaccess name in the save dialog.
Are there any programs that will automatically create a .htaccess file to block hotlinks?
Yes, there are a number of tools available. Sites like htaccesstools.com allow you to set restriction levels, redirect hotlinks to a specific URL, and specify image types you want to protect. These sites will then generate an .htaccess file that can be directly uploaded to your server. But be careful! You don't want to overwrite what is in your existing .htaccess file.
What are potential differences between paid and free hotlink protection?
Some differences could include general convenience and what can be customized in terms of what's protected and who has access. If you just need to protect image files, the free protection should be enough. To protect other content or set up highly-specialized exceptions, paid options might be a better choice.
Are there guides for creating my own .htaccess hotlink protection?
Yes, there are several guides available online that will walk you through various options for hotlink protection. Since the best approach is constantly changing, review several options, view the most recent guides, and select the approach that provides the most complete protection.
Am I able to legitimately hotlink to another website's resources?
Yes. A legitimate way to hotlink to someone else's content is to send a message to the website owner and ask permission. If permission is given, then provide proper credit and a link back to their website. If the site owner is not willing to let you hotlink, try proposing using an image server so you won't use up their bandwidth. But make sure you don't violate copyright laws.
Does hotlink protection prevent other direct links, such as a link from an email?
Yes, direct links will be prevented. However, you can allow them in email messages you send out, through most hotlink protection programs.