How to Prevent Image Hotlinking in WordPress: 4 Effective Methods

Category : WordPress


Image hotlinking is a common problem faced by many WordPress website owners. It occurs when someone directly links to an image hosted on your website, essentially stealing your bandwidth and server resources. This can lead to slow page load times, increased hosting costs, and even legal issues if the images are copyrighted. Fortunately, there are several effective methods to prevent image hotlinking and protect your website’s assets.

1. Edit the .htaccess File

One of the most popular methods to block hotlinking is by modifying the .htaccess file on your server. Here are the steps:

  1. Access your WordPress root folder via FTP and locate the .htaccess file.
  2. Download a backup copy of the file in case anything goes wrong.
  3. Open the file in a text editor and add the following code:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)? [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]

  1. Replace “” with your actual domain name.
  2. Save the changes and re-upload the .htaccess file to your server.

This code snippet will block any HTTP referrers that are not from your own domain, effectively preventing other websites from directly linking to your image files.

2. Use a WordPress Plugin

If you’re not comfortable editing the .htaccess file directly, you can use a WordPress plugin to handle hotlink protection. Some popular options include:

  • All In One WP Security & Firewall: Navigate to WP Security → Firewall → Prevent Hotlinks and check the box to prevent image hotlinking.
  • Disable Right Click for WP: Blocks right-clicking on your site, making it harder for users to copy image URLs.
  • Prevent Content Theft: Disables right-clicking and displays a notification to users.

These plugins provide an easy, code-free way to safeguard your images from unauthorized hotlinking.

3. Use Cloudflare to Prevent Hotlinking

Cloudflare is a popular content delivery network (CDN) that offers built-in hotlink protection. Here’s how to enable it:

  1. Log in to your Cloudflare account and select your domain.
  2. Navigate to the “Scrape Shield” section in the left sidebar.
  3. Locate the “Hotlink Protection” box and toggle the switch to enable it.
  4. Ensure that you are using Cloudflare’s proxy IPs for the feature to work effectively.

Once enabled, Cloudflare will block any HTTP referrers that are not part of your domain, preventing unauthorized websites from directly linking to your images and other assets.

4. Add Watermarks to Images

Adding visible watermarks to your images is another way to deter hotlinking. By prominently displaying your logo or website URL on the image itself, you make it less appealing for others to use without permission.

There are many free watermarking tools available online, or you can use image editing software like Photoshop or Gimp to add your own custom watermarks.


Image hotlinking is a real issue that can negatively impact your WordPress website’s performance, bandwidth usage, and search engine rankings. By implementing one or more of the prevention methods outlined above, you can effectively block unauthorized linking and keep your site running smoothly.

Remember, the best approach is often a combination of techniques – such as editing the .htaccess file, using a security plugin, using Cloudflare’s hotlink protection, and adding watermarks to your most valuable images. With a little proactive effort, you can stop hotlinkers in their tracks and protect your website’s assets for the long haul.