Treehouse: Grow your CSS skills. Land your dream job.

Last updated on:

Prevent Image Hotlinking

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourdomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpg|gif|bmp|png)$ /images/dontsteal.jpg [L]

Images linked to from anywhere else than your website are redirected to a custom graphic. Do note though, that this would affect people reading posts through RSS readers as well.

Also allow search engines

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mydomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?google\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?bing\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yahoo\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?yahoo\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|png)$ /transparent.gif [L]

Comments

  1. Helen
    Permalink to comment#

    This snippet is popular on the web. One copies it from the other one. First of all: It doesn’t work for most of the cases in general. Try it with Coldlink (http://coldlink.com/htm/tool.htm) and you will see the original image.

    In special, it does not work because the dontsteal.jpg causes a paradoxon with the rewrite-rule.

  2. Gustavo S. Bordoni
    Permalink to comment#

    The Problem is how to make WordPress don’t change the .HTAccess to the default every time…

  3. Jon Sacci
    Permalink to comment#

    After wp-installation, manage the htaccess files rights, so that wp can’t write into it. You can manually add the changes you need to afterwards. (Or copy paste from the admin, when the wp tells you that the htaccess is not writable)

  4. Lionel Morrison
    Permalink to comment#

    Would this work for preventing people from downloading videos from your site?

  5. Zen
    Permalink to comment#

    Some issue …

    If upper strings have rule RewriteBase /

    We have small and angry internal error 500 on external queries.

    Better way is

    <IfModule mod_rewrite.c>
         Options -Indexes
         Options +FollowSymLinks
    
      RewriteEngine on 
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?www\.SITE-NAME\.DOMAIN/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yandex\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?rambler\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?google\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?bing\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yahoo\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?yahoo\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^$
      RewriteRule .*\.(swf|jp?g|ti?f|gif|gif|bmp|png|pdf|mp3|wav|wmv|avi|mpeg|ogg)$ http://www\.SITE-NAME\.DOMAIN/image\.png [L]
    </IfModule>
    

Leave a Comment

Posting Code

We highly encourage you to post problematic HTML/CSS/JavaScript over on CodePen and include the link in your post. It's much easier to see, understand, and help with when you do that.

Markdown is supported, so you can write inline code like `<div>this</div>` or multiline blocks of code in in triple backtick fences like this:

```
<script>
  function example() {
    element.innerHTML = "<div>code</div>";
  }
</script>
```