Prevent Image Hotlinking Wordpress

Page content

How to Enable Image Hotlinking Protection for Your Wordpress Website

Hotlinking is the practice of linking to a file hosted on another website without proper authorization or without downloading it and hosting on your own server. Quite frequently people may hotlink to images hosted on other websites, This is done to save their own bandwidth and server resources but it can prove costly for the website hosting the file originally. While images are mostly hotlinked on the web, there are other file types too that can be hotlinked.

In this post, we are going to explain methods to prevent image hotlinking in Wordpress. If you are a wordpress user, you must have uploaded media files to your website. These media files constitute the largest part of the page size on your website. If you do not have hotlinking prevention enabled on your Wordpress website, it might already be costing you in terms of bandwidth and resources since people may be stealing your server resources by hotlinking images from your Wordpress website. Moreover, hotlinked images do not offer proper citations either.

What is Hotlinking Protection?

Hotlinking prevention or hotlinking protection means protecting assets hosted on your website from theft or use by other blogs. By enabling hotlinking protection, you will make sure that only the authorized users have access to a particular resource on your website. It is important since hotlinking can hurt website speed and performance. If someone else is hotlinking to your Wordpress images, it can cause pages on your website to load slower and the use of your server resources to grow making hosts increase for you.

Hotlinking is generally done by less reputable sites. When you enable hotlining protection, you are saving bandwidth and server resources as well as improving website speed and performance. Apart from it, hotlinking protection has SEO benefits too. Your website will not be associated with less reputable sites that frequently rely on image hotlinking.

While there are several methods to enable hotlinking protection on your wordpress website, the most common and popular method is through the .htaccess file. Apart from it, if you are using a cdn link cloudflare or bunny, you can enable hotlinking protection easily. If you see an image being hotlinked to by another high traffic website, you can also rename it to prevent hotlinking. However, using the .htaccess code or a cdn for hotlinking protection are the more reliable solutions to prevent image hotlinking.

Prevent image hotlinking using .htaccess file

The .htaccess file is a crucial file in the root folder of your website. It can be used for managing speed, performance and security of your website as well as for creating redirects. There are multiple uses of the .htaccess file where you can add a code to enable the functionality. However, since the .htaccess file is a critical file, making changes to it can also break your site and make your site inaccessible or pages go 404. So, you must first copy and save the contents of the .htaccess file before making any changes. This will help you revert the changes if anything goes wrong.

You can make changes to your .htaccess file using an SFTP client like filezilla or Cyberduck. Otherwise, if you have SSH access to your server, you can easily make changes to the .htaccess file. Another method of editing the .htaccess is to use the Yoast plugin. You can use either of these three methods to edit the .htaccess file and make changes.

First of all, copy and save the contents of your .htaccess file. Download the file using an SFTP client for editing and then add the following code to this file and save.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)*$ [NC]
RewriteRule \.(gif|jpg|jpeg|bmp|zip|rar|mp3|flv|swf|xml|php|png|css|pdf)$ - [F]

The above code will enable hotlinking protection on your Wordpress site. Replace in the above code with your real domain name. After having made the changes save the file and check the front end of your website.

Prevent image hotlinking using a Wordpress plugin

If you are not comfortable making changes to the .htaccess file, you can instead use a plugin to prevent image hotlinking on your Wordpress website. The best plugin to prevent image hotlinking in Wordpress is the security plugin All in One Wordpress Security and Firewall.

You can install this plugin from the Wordpress repository like you install any other plugin. After installation, go to the settings for WP Security -> Firewall -> Prevent hotlinks. Now check the box to prevent image hotlinking. This will help you protect your images from being hotlinked.

You can also disable the right click functionality on your Wordpress website using a plugin like Disable Right Click for WP. This will prevent others from right clicking on the pages and copying image urls or other assets’ urls.

Use Cloudflare CDN

You will need a cloudflare account and Cloudflare dns enabled for your website to use the CDN’s hotlinking protection feature. If you do not have Cloudflare enabled on your website, then you can benefit from its free cdn and several security and speed features by creating a free account.

Create a free account and login to the dashboard. Now, select your website and go to scrape shield. Toggle the switch for hotlink protection to on. That’s all. Noe cloudflare will protect your Wordpress images from being hotlinked. You can also use configuration rules to disable image hotlinking selectively for your Wordpress website.

Prevent image hotlinking using Bunny CDN

If you are a bunny cdn user, you can easily enable image hotlinking protection on your Wordpress website. Login to your Bunny CDN account. Open your pull zone management page and then the security panel.

Now, you need to add allowed referrers. Add your website domain without the http or https like or Click on add allowed referrers.

Repeat this process for each domain and subdomain. However, if you want the same data to be accessible across all subdomains, you can create a wildcard to include all subdomains like * This will include all the subdomains but not the root domain which you can add separately. The websites that are not among the allowed referrers will receive a 403 forbidden response now when trying to hotlink images from your website.


We have discussed four methods to prevent image hotlinking on your Wordpress website in this post. Image hotlinking is not a good practice since it can overload the server and reduce your website speed. Therefore, it is a good practice to enable hotlinking protection using either the .htaccess code or any of the other three methods outlined above.

The .htaccess method is the most used method to enable hotlinking protection on Wordpress websites hosted on Apache server. However, it is also quite easy to enable the protection through a cdn. Cloudflare users can go to scrape shield to prevent image hotlinking and bunny cdn users can add allowed referrers to enable hotlinking protection for their websites.

Suggested Reading

Enable the use of .htaccess file on Apache Server

How to use Cloudflare CDN with Wordpress

Configure Bunny CDN for Your Wordpress Website

How to Easily Reset Wordpress User Password

How to add custom CSS in Wordpress

Benefits of social media marketing for small businesses

Coca Cola Social Media Marketing Strategy and Objectives

Apple Social Media Marketing Strategy and Objectives