Avoid hotlinking of images and save your bandwidth

Yesterday I was looking at the traffic on www.shwetagupta.com and found that lot of people from myspace and other domains are referring to images hosted on my server and hence eating up my bandwidth. I was getting 40% of the requests(for images) from myspace domain. Yes! they have a huge traffic. If one has to use the images then they should download them and host them on their server instead of hotlinking to someone else site. “Hotlinking” or “Bandwidth theft” is direct linking to a web site’s files (images, video, etc.). An example would be using an <img> tag to display an image you found on someone else’s web page so it will appear on your own site, weblog, forum message post, etc. Usually personal sites don’t have that much of bandwidth to allow hotlinking of images. Also I observed that lot of people these days not only copy the content from your site but also the the images (still being served from your server i.e. leeching your bandwidth)

You can do two things to discourage hotlinking of content on your site

I Making changes in .htaccess file

Suppose all your images are in images folders ( mine are in http://www.shwetagupta.com/blog/images) then create .htaccess file in that folder with following content so that request for any image on shwetagupta.com (on any domain other than shwetagupta.com) will cause it to display a substitute image (stolen.jpg) i.e

Hotlinking of images


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://yourdomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com/.*$ [NC]
RewriteCond %{REQUEST_URI} !^/stolen.jpg [NC]
RewriteRule \.(gif|GIF|jpg|JPG)$ http://yourdomain.com/redirect/stolen.jpg [R]


Above changes will cause it to serve http://yourdomain.com/redirect/stolen.jpg

It was just for fun :) If you don’t want to serve a substitute image (like stolen.jpg) then just put the following content in .htaccess file in your images directory

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://yourdomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG|bmp|BMP)$ – [F]


The lines above will cause the request for any image on your server to simple fail.

Few things to remember though

  • the above .htaccess should only be placed in the separate directory containing the images so that it doesn’t affect .htacess files and content.
  • mod rewrite needs to be enabled by your web host if you need to show the substitute image

You can check the effectiveness of above changes through Hot link checker

II Adding copyright text to your images

You can add copyright text (eg. copyright 2007, www.shwetagupta.com) to all your images using photoshop technique or some other tool. So even if people are hotlinking to your images, its spreading a word about your site :)

Hopefully it will discourage hotlinking of your images :)

This entry was posted in General. Bookmark the permalink.

9 Responses to Avoid hotlinking of images and save your bandwidth

  1. Amit says:

    well, you let them go easy, otherwise you can do such nasty things to them, hehehe!! ;) some smart guy once did the unfortunate thing of hotlinking, not my image but a javascript file of mine that I was using in my website. and I just started serving another file to him with some nice code that used to display nice warning messages on his website & then redirected the visitors somewhere else randomly!! soon the guy understood the whole deal & did the smart thing of stealing the script & hosting it himself!! have read about such cases a lot of times & its only a few times I’ve seen people hitting back with vengeance, otherwise they just let go of the theives easily by forbidding hotlinking!! ;)

    Reply to this comment

  2. Thanks Shweta,

    I’ve had a lot of bandwidth theft on my ad blog (www.farrukhnaeem.com). Your post was very helpful in solving that.

    Keep up the good work!


    Reply to this comment

  3. Anomalizer says:

    Completely unrelated but you now don’t stand a chance of having high click throughs from image search. anomalizer.net (v1) used to get most of its traffic from image search results and yes there were a couple of cases of hotlinking.

    Reply to this comment

  4. @Anomalizer: I guess adding google (or others) to the allowed referers would do the trick.

    @Shweta: There are still a couple of problems:
    1. You are blocking blank referrer as well. Now, many people block sending referrers from there browsers, so your pics won’t be visible to them. But generally ppl who do this also know that this happened because of them blocking sending of referrers and wud enable them if they want to see.
    2. Stopping hotlinking also seems to bork out many feedreaders, so thats a major issue.

    Reply to this comment

  5. shweta Gupta says:

    Good and valid points. Do you know the solution also ? :)

    Reply to this comment

  6. shweta, I somehow overlooked the “!” in front of ur first rewrite condition, so u are not blocking the blank referer, so u won’t get that problem.
    About the google image search and feedreaders, the only option is that you add those sites as well in ur rewrite conditions…

    Reply to this comment

  7. Vishwa says:

    Great artical…I am new in web development and don’t know much about mod rewrite. Just a small question :)
    What is “!” sign ? why we use it? i know about ^(start) and $(end) signs but dont know about “!”.can you please explain little bit!

    Thanks a lot for the nice post.

    Reply to this comment

    Zim reply on October 29th, 2010 6:00 pm:

    The exclamation sign is a NOT operator :)

    Thanks for this article!

    Reply to this comment

  8. Ifham khan says:

    Very nice shweta Its really helpful

    Reply to this comment

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>