{"id":7705,"date":"2018-09-03T11:38:32","date_gmt":"2018-09-03T03:38:32","guid":{"rendered":"http:\/\/rmohan.com\/?p=7705"},"modified":"2018-09-03T11:38:32","modified_gmt":"2018-09-03T03:38:32","slug":"hotlink-protection","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=7705","title":{"rendered":"Hotlink Protection"},"content":{"rendered":"

<\/a>Enable Hotlink Protection on Apache<\/h3>\n

If your WordPress site is running on Apache, all you need to do is open the .htaccess file in your site\u2019s root directory (or create it) and add the following:<\/p>\n

RewriteEngine on\r\nRewriteCond %<\/span>{<\/span>HTTP_REFERER<\/span>}<\/span> !<\/span>^<\/span>$\r\nRewriteCond %<\/span>{<\/span>HTTP_REFERER<\/span>}<\/span> !<\/span>^<\/span>http<\/span>(<\/span>s)<\/span>?<\/span>:<\/span>\/\/(www\\.)?yourdomain.com [NC]<\/span>\r\nRewriteCond %<\/span>{<\/span>HTTP_REFERER<\/span>}<\/span> !<\/span>^<\/span>http<\/span>(<\/span>s)<\/span>?<\/span>:<\/span>\/\/(www\\.)?google.com [NC]<\/span>\r\nRewriteCond %<\/span>{<\/span>HTTP_REFERER<\/span>}<\/span> !<\/span>^<\/span>http<\/span>(<\/span>s)<\/span>?<\/span>:<\/span>\/\/(www\\.)?bing.com [NC]<\/span>\r\nRewriteCond %<\/span>{<\/span>HTTP_REFERER<\/span>}<\/span> !<\/span>^<\/span>http<\/span>(<\/span>s)<\/span>?<\/span>:<\/span>\/\/(www\\.)?yahoo.com [NC]<\/span>\r\nRewriteRule \\.<\/span>(<\/span>jpg|<\/span>jpeg|<\/span>png|<\/span>gif|<\/span>svg)<\/span>$ http:<\/span>\/\/dropbox.com\/hotlink-placeholder.jpg [NC,R,L]<\/span><\/code><\/pre>\n
The second line allows blank referrers. You will most likely want to enable this as some visitors use a personal firewall or antivirus program that deletes the page referrer information sent by the web browser. If you don\u2019t allow blank referrers, you could inadvertently disable all of your images for those users.<\/p>\n
The third line defines the allowed referrer, the site that is allowed to link to the image directly, this should be your website (update yourdomain.com above with your domain). The fourth, fifth, and sixth lines add search engines to the allowed list, because you don\u2019t want to block crawlers such as Google bot or Bing bot. This could prevent your images from showing and indexing in Google image search.<\/p>\n
If you are using the above rules along with a CDN, you might also need to whitelist your CDN subdomain.<\/p>\n
<\/a>Enable Hotlink Protection on NGINX<\/h3>\n
If you are running on NGINX<\/a>, all you need to do is open\u00a0your config file and add the following:<\/p>\n
location ~<\/span> .<\/span>(<\/span>gif|<\/span>png|<\/span>jpeg|<\/span>jpg|<\/span>svg)<\/span>$ {<\/span>\r\n     valid_referers none blocked ~<\/span>.<\/span>google.<\/span> ~<\/span>.<\/span>bing.<\/span> ~<\/span>.<\/span>yahoo.<\/span> yourdomain.<\/span>com *<\/span>.<\/span>yourdomain.<\/span>com;<\/span>\r\n     if<\/span> (<\/span>$invalid_referer<\/span>)<\/span> {<\/span>\r\n        return<\/span>   403<\/span>;<\/span>\r\n    }<\/span>\r\n}<\/span><\/code><\/pre>\n
Enable Hotlink Protection on Apache <\/p>\n
If your WordPress site is running on Apache, all you need to do is open the .htaccess file in your site\u2019s root directory (or create it) and add the following:<\/p>\n
 RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?:\/\/(www\\.)?yourdomain.com [NC] RewriteCond %{HTTP_REFERER} !^http(s)?:\/\/(www\\.)?google.com [NC] RewriteCond %{HTTP_REFERER} !^http(s)?:\/\/(www\\.)?bing.com [NC] RewriteCond %{HTTP_REFERER} !^http(s)?:\/\/(www\\.)?yahoo.com […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7705"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7705"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7705\/revisions"}],"predecessor-version":[{"id":7706,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7705\/revisions\/7706"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7705"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7705"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7705"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
If you are a Kinsta user and aren\u2019t using a CDN, we can add this for you. Just open up a quick ticket with our support team from the MyKinsta<\/a> dashboard.\u00a0If you are using the above rules along with a CDN, you might also need to whitelist your CDN subdomain.<\/p>\n","protected":false},"excerpt":{"rendered":"
And the seventh line defines the image you want the visitor to see in place of the hotlink protected image. This not required, but you could give them a friendly warning. If you want to allow multiple sites you can duplicate this row and replace the referrer. If you want to generate some more complex rules, take a look at this htaccess hotlink protection generator<\/a>.<\/p>\n