Prevent Image Hotlinking

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourdomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpg|gif|bmp|png)$ /images/dontsteal.jpg [L]

Images linked to from anywhere else than your website are redirected to a custom graphic. Do note though, that this would affect people reading posts through RSS readers as well.

Also allow search engines

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mydomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?google\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?bing\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yahoo\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?yahoo\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|png)$ /transparent.gif [L]

Comments

  1. User Avatar
    Helen
    Permalink to comment#

    This snippet is popular on the web. One copies it from the other one. First of all: It doesn’t work for most of the cases in general. Try it with Coldlink (http://coldlink.com/htm/tool.htm) and you will see the original image.

    In special, it does not work because the dontsteal.jpg causes a paradoxon with the rewrite-rule.

  2. User Avatar
    Gustavo S. Bordoni
    Permalink to comment#

    The Problem is how to make WordPress don’t change the .HTAccess to the default every time…

  3. User Avatar
    Jon Sacci
    Permalink to comment#

    After wp-installation, manage the htaccess files rights, so that wp can’t write into it. You can manually add the changes you need to afterwards. (Or copy paste from the admin, when the wp tells you that the htaccess is not writable)

  4. User Avatar
    Lionel Morrison
    Permalink to comment#

    Would this work for preventing people from downloading videos from your site?

  5. User Avatar
    Zen
    Permalink to comment#

    Some issue …

    If upper strings have rule RewriteBase /

    We have small and angry internal error 500 on external queries.

    Better way is

    <IfModule mod_rewrite.c>
         Options -Indexes
         Options +FollowSymLinks
    
      RewriteEngine on 
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?www\.SITE-NAME\.DOMAIN/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yandex\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?rambler\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?google\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?bing\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yahoo\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?yahoo\.(.+)/ [NC]
      RewriteCond %{HTTP_REFERER} !^$
      RewriteRule .*\.(swf|jp?g|ti?f|gif|gif|bmp|png|pdf|mp3|wav|wmv|avi|mpeg|ogg)$ http://www\.SITE-NAME\.DOMAIN/image\.png [L]
    </IfModule>
    

Submit a Comment

Posting Code

You may write comments in Markdown. This makes code easy to post, as you can write inline code like `<div>this</div>` or multiline blocks of code in triple backtick fences (```) with double new lines before and after.

Code of Conduct

Absolutely anyone is welcome to submit a comment here. But not all comments will be posted. Think of it like writing a letter to the editor. All submitted comments will be read, but not all published. Published comments will be on-topic, helpful, and further the discussion or debate.

Want to tell us something privately?

Feel free to use our contact form. That's a great place to let us know about typos or anything off-topic.

icon-closeicon-emailicon-linkicon-logo-staricon-menuicon-nav-guideicon-searchicon-staricon-tag