Hotlinking: What Is It & How To Prevent It in 2022- Pixsy
big steal chain

What Is Hotlinking? Why It’s Bad & How To Stop It

Feature photo: Mike Alonzo; CC0

What is hotlinking?

Hotlinking is when a website links to an image (or other media file) that is hosted on an external server (i.e. another website), instead of uploading it directly. This way, the image is embedded into the new web page but hosted by the original server, stealing its bandwidth. When viewing a website, it’s not always immediately clear that an image is hotlinked, because it blends seamlessly into the page.

Why should I care about hotlinking images?

The largest issue at stake with hotlinking is copyright infringement. Since the hotlink directs to another file, no actual ‘copy’ of the work has been made. This technicality has created a legal loophole that allows image users to display content they don’t own without committing copyright infringement.

Is hotlinking legal?

Embedding images without permission remains legal in the EU and US. Things are changing, however, with growing acknowledgement of the problems with hotlinking among major image hosting sites. Imgur, for example, banned hotlinking back in 2017.  

Hotlinking images is bandwidth theft

Another issue with hotlinking concerns bandwidth. If an image is hotlinked on a website, that website does not have to use any of its own bandwidth (which is chargeable by the server hosting company) to host the file. Instead, every time someone views the image, it eats into the bandwidth of the original host of the file. If you’re a photographer hosting multiple images on your website, this could potentially be a concern.

How can I prevent hotlinking?

While the laws are still catching up with the realities of digitization, there are plenty of proactive steps you can take to prevent hotlinking, and limit the damage if you find out your work has been hotlinked.

1. Track your images

It’s important to track your images. It’s very wise to monitor where and how your images are being used. Armed with this information, you can better understand how many sites and/or images are involved, and decide how to proceed. Plus, as and when the law does change, you can be fully prepared to take further action.

2. Move the hotlinked image

For image users, hotlinked images have a major disadvantage; namely, that you – the image owner/host – retain full control of the location of the original file. If you discover one of your images has been hotlinked, you can, for example, delete the image and re-upload it so a new link is created. This breaks the hotlink, so your image is no longer displayed on the offending site.  

3. Break the link of the hotlinked image

In WordPress, you can simply edit the image permalink, so that the hotlink no longer displays your image. Likewise, in Flickr, if your images are set to public, you can switch them to private and then back to public; this generates a new link and breaks the hotlink.

4. Replace the hotlinked image

You can take this process one step further by replacing the hotlinked image with another file: one that will embarrass, shame or otherwise damage the reputation or business of the image user. In a famous example, The Oatmeal updated one of its cartoons that was hotlinked by HuffPo, to include the text (along with a screenshot of their hosting charges): “Please don’t hotlink images without my permission. It costs me money to host these. Here’s my monthly bill.”

5. Watermark hotlinked images ‘on the fly’

It’s possible to display watermarks in your images that have been hotlinked. Depending on the CMS (content management system) you use, you may find a plugin to do that for you; otherwise, if you host your images on your own website and are comfortable with basic coding, you can use a piece of code that adds a watermark to any of your images that are being linked to from outside your domain

6. Block hotlinks with a .htaccess file

If you host your images on WordPress or your own website, there’s another way to block hotlinks. This involves adding a few lines of code into the .htaccess file, which can generally be found in the dashboard area of your server hosting service. (Here’s how to find and edit it in WordPress). Unless you specify otherwise, the hotlink will display an error page in place of your image.

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]

RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]

RewriteRule \.(jpg|jpeg|png|gif)$ – [NC,F,L]

Notes to this code:

  • Type your own domain name instead of “?yourdomain.com [NC]”, i.e., “?pixsy.com [NC]
  • The “?google.com [NC]” section means that you will allow Google to link to your site — if you do not want that, delete that row but we recommend to use it like that
  • Alternatively, if you want to add any other site as an exception, allowing it to link to your site, add the same row including the specific domain name, e.g., you might want to add your photographer Facebook page or Twitter profile

One important issue to bear in mind with this approach is that, by adding a watermark ‘on the fly’ or blocking hotlinks with a .htaccess file, you are essentially serving search engines different content to that which can be viewed on your website.

This runs the risk of your website being banned or downgraded by Google and other search engines, meaning that your web pages may disappear from search results, severely impacting your traffic.

One way around this is to include exceptions in your code, so that Google and other search engines (and social media sites, for example) are still allowed to display your original image. The aforementioned .htaccess file lets you add exceptions in the ‘allowed domains’ box. 

7. Issue a Pixsy takedown request

Pixsy’s automated takedown tool tracks your images online and then issues a takedown notice automatically. The tool makes it fast and easy to request that the website operator removes your content. Some image users are unaware of the damage caused by hotlinking, so takedown notices can be very effective in drawing attention to the issue.

Summary

  • Hotlinking is when a website links to and embeds an image (or other media file) that is hosted on an external server (i.e. another website).
  • If an image is hotlinked on a website, that website does not have to use any of its bandwidth; instead, each view uses the bandwidth of the file’s original host.
  • A technical loophole means that hotlinking is not considered copyright infringement.
  • There are still steps you can take to prevent hotlinking and limit the damage.
  • Track your images to better understand how many sites and/or images are involved, and decide how to proceed.
  • Use Pixsy’s automated takedown tool to tracks your images online and issue a takedown notice.
  • Edit the URL of the hotlinked image to break the link, or replace it with another image or message.
  • Use a plugin to add a watermark to hotlinked images.
  • Prevent hotlinking by adding a few lines of code to the .htaccess file of your web server host or CMS.
  • Remember to include exceptions so that Google, Facebook, and other search engines and social media sites can access your images via hotlink.

Return to Academy Home

🎉 AWARD: Pixsy named the “Best Online Image Protection Platform” in the Technology Elite AwardsRead More
+