How To Stop HotLinking In cPanel

Great Low Coast Hosting“Ya learn something new every day.” A phrase I’m sure you have heard uttered 1,000’s of times in the course of your life thus far. And guess what, today, you’re hearing it again!

But this time, however, the information you’re about to consume could save you and your website a whole lot of pain.

Here is how I ran across this particular issue.

A client of mine had been receiving alerts from her web host that the bandwidth on the account was about to runneth over. She was receiving multiple alerts a day. Understandably, she grew concerned because for the last eleven months, she was seeing only minor bandwidth usage increases. You know, just standard organic traffic growth.

But then in December 2013, her bandwidth usage sky-rocketed 2,200%! This happened without any visible increase in site visitors.

How To Stop Hotlinking In cPanel, Hostgoator, Blue Host

Of course, her concern immediately turned into a wave of trepidation, which I heard about in the loveliest phone call.

After a few minutes of unsuccessfully trying to convince her that she had broken the Internet, I turned to my Super Secret Spy skills to track down a solution.

With a little covert recon, I discovered that someone on the Internet had been “HotLinking” an image on her blog.

If you have never heard the term HotLinking before, it’s ok. It hasn’t been a big issue until lately. But here how it works.

When you place a photo, graphic, PDF, video or audio (media) on your website, it can be seen by the world. In order for the world to see your media, each item is assigned a unique URL. Here’s an example:

For a WordPress blog, you would upload your media while creating or editing a blog post or page. While uploading the media into WordPress, it’s automatically given a URL path where the Internet can find it: (

Now, here is how other site owners essentially “steal your images and your bandwidth”. A bad guy/gal visits your website/blog to find media they would like to use. Instead of downloading your media and placing it on their site, the “HotLinker” right clicks on the media and chooses the menu option: “Copy image URL” and places that URL into their site so that your image appears on their site. Tricky huh??

This accomplishes a couple things for the dirt-bag Internet thief. First, they get use of free media. Second, and more importantly, the media uses YOUR bandwidth for the thief’s traffic, thus keeping his bandwidth cost lower and website load times faster.

You, on the other hand, get the short end of the Internet stick. HotLinking to your media has the complete opposite effect on your site. Your bandwidth usage goes through the roof and your site’s speed can be compromised as well.

The are a variety of ways to prevent “HotLinking”, such as creating an .htaccess file within your sites root directly. Today, however, I’ll be focusing on the simplest way to accomplish this via your web host’s cPanel (control panel).

So, let’s shut down these Internet thefts once and for all!!

  • Log in to your webhost’s cPanel.
  • Once logged in, look for the “Security” panel.
  • From there, find the “HotLink Protection” icon.

How To Stop Hotlinking In cPanel, Hostgoator, Blue Host

Once you click the icon, you will see the following at the top of this page:

How To Stop Hotlinking In cPanel, Hostgoator, Blue Host

There are two things to note on the first half of this page. By default, HotLink Protection is disabled in cPanel. In order for the HotLink Protection to become active, click the “Enable” button.

Next, you’ll notice an input box titled “URLs to access”. In most instances that I have seen over the years, this part is automatically filled out by cPanel. It’s reading what your main account domain is plus any subdomains and add-on domains you have added.

How To Stop Hotlinking In cPanel, Hostgoator, Blue Host

The second half of this page allows you to add file extensions that you would like to prevent from being HotLinked. By default, the following extensions are already added: (some cPanel installs may have more or less, depending on your hosting provider) .jpg, .jpeg, gif, png, bmb. If you have other extension you need to protect, such as a .pdf, you would add them to this input box.

The last box is for re-directing anyone trying to HotLink an image from your website.

There are a couple of ways you can handle this.

  • One, you could create a little “bitch” page to verbally chew them out for trying to swipe your image (I like this one for a little revenge!)
  • Another way is you could re-direct visitors to one of your landing pages! Hell, if there’ going to try and steal your media and bandwidth, at least you can capture some leads!
  • OR…you could link to an affiliate offer of some kind! Maybe link a site that provides graphics and/or images for bloggers!

Well, I hope that helped!

rock on!