1. Knowledge Base
  2. >
  3. HotLinking - Enable and Disable HotLink Protection

HotLinking - Enable and Disable HotLink Protection

Hotlink protection prevents other websites from directly linking to files and pictures on your website. Other sites will only link to file types that you don't specify.

An example of hotlinking. Say I like the image on your website, and I want that image on my site. If I use the full URL of your image on my site, the image is downloading from your site every time someone looks at mine. This means I am using your bandwidth for the image. When you enable Hotlink Protection, I cannot steal your bandwidth anymore.

How to configure Hotlink Protection

The images in the video use the old cPanel interface. The steps will be the same; however, the buttons and location may differ.

To enable Hotlink Protection:

  1. Log in to cPanel.
  2. Look for the Security section, then click Hotlink Protection.

    cPanel - Hotlink Protection

  3. Make sure the domain name you wish to protect is in the box called URLs to allow access.

    Configure Hotlink Protection

  4. Provide the extensions you would like to block in the Block direct access for the following extensions (comma-separated).

    cPanel - Block Direct Access for Hotlinking

  5. Leave the Redirect request to this URL box blank unless you want outside users to be redirected to another page. If yes, input the destination URL.
  6. Hit Submit.
  7. Scroll up a bit and hit Enable.

    Hotlink Enabled

  8. A successful confirmation page will appear.

    Hotlink Protection Confirmation

  9. Click Go Back.

To disable Hotlink Protection:

  1. On the Hotlink Protection page, click Disable.

    Hotlink Protection Disabled

  2. A confirmation page will be displayed.

    Hotlink Protection Disabled

You have now protected your images from being hot-linked. Just be sure that all of your additional domains are on the Hotlink list.

WARNING: If your images stop working, you may need to check your HTML source code for a common problem. Some website designers (or programs) may decide to use absolute pathnames for your images. That means, instead of a relative path like "/images/pic.jpg," it will use the entire URL like "http://www.domain.com/images/pic.jpg." You must have that exact protocol and domain name listed in your allowed URLs ("URLs to allow access"). If there is any slight difference in the protocol (http://) or the domain name (domain.com/) between the allowed list and the HTML source code, then your images will be blocked.
Note: Some firewalls (such as Symantec's Norton Internet Security and ZoneAlarm) will block a special referrer variable in order to add more user privacy. HotLink protection works with this variable to tell where the request is coming from. As such, HotLink isn't the best solution to avoid bandwidth theft as it will eventually block legitimate requests from visitors using one of those firewalls. Unfortunately, this issue is not under our control, and there's nothing we can do to prevent it from blocking legitimate visitors. Use it at your own risk.