Select Page

Avoid Hotlinking or so called bandwidth stealing

From WikiPedia

Inline linking (also known as hotlinking, leeching, piggy-backing, direct linking, offsite image grabs and bandwidth theft) is the use of a linked object, often an image, from one site into a web page belonging to a second site. The second site is said to have an inline link to the site where the object is located.

This is not just Bandwidth Stealing, as

  • It cost CPU and bandwidth which means less performance for your visitors,
  • It cost a lot of money as you still pay the server cost, and loose ad revenues,
  • It drive people away from your reputable homepage since they will find your picture or files on any mirrors,
  • It may be a security threat at least for distributable software, anybody may alter (backdoor,ads, privacy information stealing) any of my open source component without my consent.

The mod_rewrite module is able to intercept incoming URLs and modify them according to a set of rules that you specify. The basic idea is use the mod_rewrite module to inspect the incoming HTTP header. The field we’re looking for is the Referer field – or basically the URL that the current request originated from.


This optional header field allows the client to specify, for the server’s benefit, the address ( URI ) of the document (or element within the document) from which the URI in the request was obtained.
This allows a server to generate lists of back-links to documents, for interest, logging, etc. It allows bad links to be traced for maintenance.

So create a file .htaccess at the root of your site with the following content:

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$     [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$     [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$     [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$     [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$     [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$     [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$     [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$     [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp|zip|css)$ [R,NC]


  • I want to allow cross linking between all my Subdomains wiki,demo, bugs, forums … so I have a bigger list of allowed Referer than usual to enter…
  • I do not allow hotlinking of the following resources for obvious reasons: jpg|jpeg|gif|png|bmp|zip|css
  • I redirect any bad people to a fix files on disk
  • You are allowed to copy the templates as long as you keep the bottom link.
  • Note the latest RewriteCond: I always allow Google to references my images

There is a useful online generator with a lot more explanation online at the bottom of this page . This is active on my server since 2 weeks, and I’ve see a performance in response time.

More tips 

  • To have an insight on resources stealing in nearly real time, simply put a statistics marker with for example Google Analytics to see how many people are landing on that page per week or months!
  • To generate money (better than nothing), dot forget also to put advertisements publicity on your redirect hot linking page
0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments


Would love your thoughts, please comment.x