What is hotlinking and why is it bad? In this article we will cover the hotlinking topic.

Hotlinking, that ain’t cool! So, there are a number of reasons why you would stumble upon hotlinking.

I decided to take a look at my backlink profile and see how my website was doing.

What I discovered was something strange.

I looked deeper into my external backlinks and found people were linking to some of my pages.

Upon further investigation, I noticed that they weren’t actual links, instead it was websites directly linking to my images!

So what is hotlinks? 

What Is Hotlinking?

Hotlinking or inline linking is a method of copying the URL of an asset to view the material on another website by directly linking it to yours. hotlinking-example

Hotlinking or inline linking is a method of copying the URL of an asset to view the material on another website by directly linking it to yours. 

This way, your bandwidth can be used every time people visit a website that has hotlinks to your properties. The more individuals that access the information, the faster you run out of bandwidth. 

Out of laziness, most people hotlink, ignoring correct linking procedures, such as requesting permission and uploading the material to their own web hosting.

Often of course, it is done simply because of a lack of awareness. 

In reality, many people still feel that it is easier to leave the content on their original site rather than download and re-upload it.

What Is Hotlinking Images

Let’s assume, for instance, that the owner of website A is hosting a specific image on their server.

The owner of website B sees the picture and decides that he also wants it on his website.

However the owner of website B connects directly to the domain of website A instead of uploading the image and hosting it on his own server.

Bulletproof your Domain for $4.88 a year

Therefore, instead of using their own domain to connect to the image, they directly link to your image using up your hosting resources.

The same applies to video and other media hosted on your own site.

Why Is Hotlinking Bad

why is hotlinking bad
is hotlinking bad?

In many cases, hotlinks is unintentional. More often than not, the hotlinker knows what they’re doing, but doesn’t realize it’s a mistake.

What these individuals do not know is that hotlinking can be very costly for the owner.

If someone borrowed content that you either developed or paid for and used your server resources to do so, imagine what it would be like!

Basically, they’re freeloading, ignoring the effort you put into the content of your site, and leeching off your server capital.

Hotlinking is also unconstitutional in most cases. You obtain a license to use the image when you purchase a photo from a stock photo website.

The license is for you alone, not for anyone who wishes to copy and use the image URL for themselves.

It’s critical that as a license holder, you protect your legal rights. 

As if getting your content used without permission is not bad enough it will put a lot of pressure on the server of your website if a large number of people hotlink to your photos.

This could eventually lead to the crash of your site, and users would be turned away.

Is Hotlinking Legal

The biggest concern at stake with hotlinks is violation of copyright. No actual ‘copy’ of the work has been made as the hotlink is guided to another file.

Without violating copyright infringement, this technicality has created a legal loophole that enables image users to view content they do not own. 

In Europe and The United States Of America, embedding photos without permission remains legal.

Things are changing, however with rising awareness among major image hosting sites of the problems with hotlinking.

For example, hotlinking was banned by Imgur back in 2017. 

Another hotlinking issue involves bandwidth. If an image on a website is hotlinked, the website does not have to use any of its own bandwidth (which the server hosting company charges) to host the file.

Instead it eats into the bandwidth of the original host of the file any time anyone views the image.

This could actually be a problem if you’re a photographer hosting several images on your website.

So technically, depending on where you are in the world, hotlinks are legal. Just not ethical.

Continue Reading to find out how to protect against Hotlinking.

Hotlinking Protection

hotlink protection
how to protect against hotlinking

So now that you know what hotlinking is, is there a way to protect yourself from hotlinking?

Yes, however, there are pros and cons when it comes to disabling hotlinking.

There are many different routes you could take to disable hotlinking and to protect yourself against hotlinking.

Depending on the route you’d want to take, let’s take a look at the pros and cons first.

When it comes to disabling hotlinking, there are more cons than pros.

Pros To Blocking Hotlinking

  • Prevents people from using up your servers bandwidth
  • Stops your images from appearing at different places other than your site (branding and site recognition.)

Cons To Blocking Hotlinking

  • It can prevent users from viewing your site properly if they are using proxies or vpns.
  • Also prevents some users using a firewall to view your images.
  • Stops Google Images from indexing your photos.
  • Interferes with remote requests being cached.
  • Can break your site if you don’t know what you’re doing.

Should You Block Hotlinking

Ultimately the decision comes down to your or your client. Weigh out the pros and cons and be sure to explain to your client about the pros and cons to disabling hotlinking.

Here at g-fx.net we thought about it thoroughly and decided not to block hotlinking. If you’ve noticed, most of our images are watermarked. This is a good practice for brand recognition when someone decides to hotlink to your images.

We also monitor our links and people hotlinking to our site. If it becomes a problem for us, we will just block the problematic website that’s hotlinking to our files.

However, it is not a big deal for us to disable hotlinking. Everyones circumstances are different and only you can decide wether or not to allow or block hotlinking.

Also don’t get confused with hotlinking and hyperlinks. Continue reading to find out the difference.

Prevent Hotlinking

So you’ve weighed out the pros and cons from hotlinking and want to know how you can prevent hotlinking. 

Below we will guide you on different ways to stop hotlinking. Although there are a ton of ways to achieve this. We will explain which is fast, easy and best.

Fast Way To Prevent Hotlinking

The most quickest way to prevent hotlinking is to disable it through your hosting cPanel. If this option is not available, reach out to your hosting company and request that they block hotlinking.

Easiest Way To Prevent Hotlinking

This would fall under fast as well, however, if you are using a CDN such as cloudflare, you can disable hotlinking though

This is fast and easy to do.

Best Way To Prevent Hotlinking

This method requires some technical knowledge and requires you to edit your .htaccess file.

9 times out of 10 you’ll have an .htaccess file on your website.

Simply locate your .htaccess file and add the following code:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)example.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|bmp|zip|rar|mp3|flv|swf|xml|php|png|css|pdf)$ - [F]

Alternatively, there is another pro to this, which allows you to serve alternate content when someone decides to hotlink but requires more work.

Display A Different Image When Hotlinked

To serve alternative content when it senses hotlinking. When hotlinking is attempted, you can set up your .htaccess file to actually view different content.

This is more generally done with images that show your frustration with this operation, such as serving an image of “Angry Man” instead of the hotlinked image.

Once again, substitute example.com with your own domain name on lines 3 and 4.

Another fun and troll approach would be to display a funny image. You could also display something like this:

To do this, add this code into your .htaccess

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)example.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ http://www.example.com/stolen-image.jpg [R,L]

Of course, replace example.com with your domain and stolen-image.jpg with your image.

Other Ways To Prevent Hotlinking

Aside from the options above here are other ways to prevent hotlinking.

Prevent Hotlinking With A WordPress Plugin

All In One WP Security & Firewall has a built-in framework inside to stop image hotlinking, a comprehensive and easy to use WordPress security plugin. You can install the plugin better and allow protection against hotlinking in the environment. Besides that it helps to add to your WordPress site some extra protection and firewall. With 800,000+ active installations and 800+ 5 star ratings, the plugin is very common. Let’s see how to allow security against hotlinking with this plugin.

Of course, this would only work if your website is using wordpress. Also keep in mind there are other wordpress plugins that can disable hotlinks.

Rename Your Image Files Being Hotlinked

A smart solution is to simply adjust the URL of the picture if anyone hotlinks one of your pictures. Then the picture will not be seen by hotlinkers, since the link they used would be incorrect. Their site will display a 404 Error instead of showing your picture, but that’s the problem of the hotlinker! 

Renaming the pictures is also a great step in avoidance. As a website owner, your website images should be renamed periodically, as this will help you avoid hotlinking your content.

Block Specific Domains

An alternate technique would be to block the use or download of your photos from certain sites. Create a blacklist of domains that you suspect your photos will be pirated on, or that you have heard others share illegally.

If you have a long list of domains to block, it is a successful preventive move.

To do this, it also requires editing your .htaccess file.

RewriteEngine On

RewriteCond %{HTTP_REFERER} ^https?://referer-1\.example/ [OR]
RewriteCond %{HTTP_REFERER} ^https?://referer-2\.example/ [OR]
# etc...
RewriteCond %{HTTP_REFERER} ^https?://referer-150\.example/
RewriteRule \.(jpe?g|png|gif)$ - [NC,F]

DMCA Notice

You may explicitly contact them and suggest that they stop using your content if you know who the hotlinkers are.

You have the Digital Millennium Copyright Act (DMCA) on your side if they don’t listen.

Use it to compel a hotlinker on their web to avoid using your photos. 

It will be taken very seriously if you give a notice that references the DMCA.

They will know that you are not playing around and that if they ignore the sign, there will be serious consequences.

Hotlinkers can delete the links to your photos easily when they are faced with a very real fear of being fined or blocked, or of getting their website suspended.

So now that you know how to prevent hotlinking, how can you tell if someone is hotlinking to your images? 

Continue reading to find out how to see who is hotlinking and using your resources.

How to detect if someone is hotlinking your files

There are numerous ways to find out if someone is hotlinking to your website. One way is to explore your backlinks through semrush.

You can also check your website logs, although this method can be very time consuming.

Another way is to use a custom google string, which isn’t always accurate.

We find that using semrush to explore your links is the easiest, although not the cheapest way.

Check hosting logs

You can check which files are being accessed by which sites by checking your web server site logs.

  • Use your FTP software to access your web server directory, and then go into the logs/W3SVC### directory (where ## may be any set of numbers).
  • View and/or download a few of the more recent log files. Each log file is named according to date, such as exYYMMDD.log where YY is the last two digits of the year, MM is the month, and DD is the day.
  • If several lines reference the same image on your site, look closely at the line to see if the URL is from another site or from a known location.search engine. Typically, any URL that has forum in it is a good indication of possible hotlinking. There may be other web sites that also do this. The lines are long so you will need to scroll horizontally to see all the data, or you can enable word wrapping in your text editor.

Use Google To Check For Hotlinkers

Using google image search is a great way to detect hotlinking. Head over to https://images.google.com/

And type the following search string:

inurl:g-fx.net -site:g-fx.net

Replace g-fx.net with your domain.

If you have people hotlinking to you, it will display them on google images like this:

Hotlink vs Hyperlink

Keep in mind that hotlink and hyperlink is two different things.

Hotlink

A hotlink or inline link will display a video, image or other media file directly from your site (Website A) onto another website (Website B). These do not count as a backlink and instead using your hosting resources to display the content on (Website B).

Hyperlink

A hyperlink is an icon, image, or text that links to another file or object, otherwise referred to as a link or web link. Hyperlinks count as a backlinks and connects the person from (Website B) to your website (Website A) when clicked on the hyperlink.

Hotlinking example

Here is an example of someone hotlinking.

Our post: https://g-fx.net/best-photography-hashtags-2018/

Previously had this image as the featured image, which we updated.

And here is a website directly hotlinking to that image.

Now, the old me would have probably replaced https://g-fx.net/wp-content/uploads/2018/09/best-photography-hashtags-in-2018.png

On my hosting with a more…NSFW image…just to get revenge on that bandwidth thief. However, that was then, this is now.

We don’t feel the need to take those steps but if you do want to be a troll to those people, identify what images are being hotlinked and simply replace the image on your server, keeping the file name the same.

Test hotlinking 

If you want to check if your hotlinking protection is working. Use this site to see if your hotlinking protection is working.

https://www.free-webhosts.com/hotlinking-checker.php

this image was hotlinked meaning

If you get this error that means that you are attempting to hotlink a file from someone else’s web server and that website is using hotlink protection.

How to bypass hotlink proctection

Although we consider this very unethical at the same time. G-fx.net is about providing free information pertaining to web development and tech.

We recommend reaching out to the website owner and asking them for permission first. However, there are ways around hotlink protection.

To bypass it you’ll need to send a referrer header to the site pointing at it or the picture in question. 

Basically make the method of hotlink security assume that the host is asking for the picture and not you. 

That is if they are using this security form. (although it’s the most popular one)

bypassing hotlink protection.

First of all you will need some kid of code written in php and hosted on your server. This will bypass the http referer request.

Here is a link to github

https://gist.github.com/juancroldan/1a7f86f1ece7ad972c5c120e5cc42c03

—-

Bottom line

If you’re a victim of hotlinking and it is using up your server resources then that can become a real problem. However there are ways to prevent hotlinking and there are ways to bypass hotlink protection.

It is not illegal to hotlink if you’re in europe or the united states of america although it is very laZy and unethical to do.

There are pros and cons to preventing hotlinking. However, there are more cons to blocking it rather then allowing hotlinking.

The ultimate decision to stop hotlinking comes down to you or your client.

We recommend allowing hotlinking but watermarking all of your images to benefit from free exposure. After all, if they are using your hosting resources you might as well take advantage of free advertising.

Also, if it becomes a problem then we recommend just blocking the specific website that is hotlinking to your files.