How to Block Image Hotlinking But Allow Google


block image hotlinking but allow google

Image hotlinking is a serious problem where someone uses your website images on their website by directly linking to it. So whenever their web pages are loaded, the images on those pages are loaded directly from your server. This increases your website load, data usage and network bandwidth for you. It can slow down your site and consequently affect your website’s search engine rankings. Here’s how you can block image hotlinking on your website but allow popular websites like Google, Facebook and Twitter to access it.

 

How to Block Image Hotlinking But Allow Google

Here are the step to block image hotlinking but allow Google

 

Find out if someone is hotlinking your Images

You can find out if your images are being hotlinked by going to Google Image Search and typing the following search string.

inurl:yourwebsite.com -site:yourwebsite.com

This will look for all images from your website but exclude the ones that are actually present on your site. So you’ll see those images that have been hotlinked to your website.

In fact, CDN’s like Cloudflare provide Hotlinking Protection out-of-the-box. So if you use a CDN, check with your provider about it.

 

Prevent Image Hotlinking using .htaccess

.htaccess allows you to define rewrite rules that help you block image hotlinking. Open your .htaccess in your favorite text editor and paste the following commands.


RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?google\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?facebook\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?twitter\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(gif|jpg|jpeg|bmp|png)$ - [F]

 

Let us look at the above commands.

The first line will enable the rewrite module that allows Apache server to parse the requested URL and process it according to the rules you define.

The next 4 lines tell apache to proceed further only if the URL is not from your domain (www.example.com) and other popular websites like Google, Facebook, Twitter

The last line tells Apache to forbid any image file.

So, putting them together, the rewrite block tells apache to forbid any image requests if they are from a website other than your own (www.example.com) or popular ones like Google, Facebook, Twitter. Now you should be able to block image hotlinking but allow Google

 

If you want to block image hotlinking from all websites other than yours, you can simple remove lines 3-5 above, like so:


RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com(/.*)*$ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(gif|jpg|jpeg|bmp|png)$ - [F]

About Sreeram Sreenivasan

Sreeram Sreenivasan is the Founder of Ubiq, a business dashboard & reporting platform for small & medium businesses. Ubiq makes it easy to build business dashboards & reports for your business. Try it for free today!