Prevent hotlinking on your media files

Whenever you want to ban/prevent hotlinking your media files and protect your server’s resources and bandwidth you may use the following snippet in the .htaccess file of your main directory of your site.

# BEGIN Hotlinking Protection

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?YOURSITE.YOURDOMAIN [NC]
RewriteRule .(webm|3g2|3gp|3gpp|flv|m3a|m4a|m4b|mka|mkv|mov|mp2|mp3|mp4|mpeg|swf|wav|wma|wmv|XYZ)$ - [NC,F,L]

# END Hotlinking Protection

Just replace YOURSITE.YOURDOMAIN with your site and at the fourth row of the actual code (don’t mind the # comment line) you can put whatever file extensions in the brackets () separated by | sign – (X|Y|Z).

How it works?

Well, it just tells the server to ban all third parties from accessing your data so only your site can display that info and that’s it.

PS: If you are a WordPress user and you don’t want to mess with any code this plugin is for you : )



One response to “Prevent hotlinking on your media files”

  1. You will not protect your site from iframe embeds with this protection, so in order to setup a better protection, you should add this to your .htaccess:

    Header set X-Frame-Options DENY

    It is of great importance to enable mod_headers for apache, otherwise this line will lead to error 500 on your site.

Leave a Reply

Your email address will not be published. Required fields are marked *