Grow your CSS skills. Land your dream job.

Last updated on:

Prevent Image Hotlinking

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourdomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpg|gif|bmp|png)$ /images/dontsteal.jpg [L]

Images linked to from anywhere else than your website are redirected to a custom graphic. Do note though, that this would affect people reading posts through RSS readers as well.

Also allow search engines

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mydomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?google\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?bing\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yahoo\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?yahoo\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|png)$ /transparent.gif [L]

Comments

  1. Helen
    Permalink to comment#

    This snippet is popular on the web. One copies it from the other one. First of all: It doesn’t work for most of the cases in general. Try it with Coldlink (http://coldlink.com/htm/tool.htm) and you will see the original image.

    In special, it does not work because the dontsteal.jpg causes a paradoxon with the rewrite-rule.

  2. The Problem is how to make WordPress don’t change the .HTAccess to the default every time…

  3. Jon Sacci
    Permalink to comment#

    After wp-installation, manage the htaccess files rights, so that wp can’t write into it. You can manually add the changes you need to afterwards. (Or copy paste from the admin, when the wp tells you that the htaccess is not writable)

  4. Lionel Morrison
    Permalink to comment#

    Would this work for preventing people from downloading videos from your site?

  5. Permalink to comment#

    Some issue …

    If upper strings have rule RewriteBase /

    We have small and angry internal error 500 on external queries.

    Better way is

    <IfModule mod_rewrite.c>
         Options -Indexes
         Options +FollowSymLinks
    
      RewriteEngine on 
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?www\.SITE-NAME\.DOMAIN/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yandex\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?rambler\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?google\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?bing\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yahoo\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?yahoo\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^$
      RewriteRule .*\.(swf|jp?g|ti?f|gif|gif|bmp|png|pdf|mp3|wav|wmv|avi|mpeg|ogg)$ http://www\.SITE-NAME\.DOMAIN/image\.png [L]
    </IfModule>
    

Leave a Comment

Posting Code

Markdown is supported in the comment area, so you can write inline code in backticks like `this` or multiline blocks of code in in triple backtick fences like ```this```. You don't need to escape code in backticks, Markdown does that for you.

Sadly, it's kind of broken. WordPress only accepts a subset of HTML in comments, which makes sense, because certainly some HTML can't be allowed, like <script> tags. But this stripping happens before the comment is processed by Markdown (via Jetpack). It seems to me that would be reversed, because after Markdown processes code in backticks, it's escaped, thus safe. If you think you can fix this issue, get in touch!

If you need to make sure the code (typically HTML) you post absolutely posts correctly, escape it and put it within <pre><code> tags.

Current ye@r *

*May or may not contain any actual "CSS" or "Tricks".